[Pdns-users] pdns forward nested recurse possible?

abubin abubin at gmail.com
Fri Apr 19 10:10:17 UTC 2019


That means the way to go is what I stated initially. That is using
pdns-recursor to forward "known" domains to authoritative server. The rest
will be forward with recursive to public dns, right?

On Fri, Apr 19, 2019 at 5:48 PM Nico CARTRON <nicolas at ncartron.org> wrote:

> On 19-Apr-2019 11:44 CEST, <abubin at gmail.com> wrote:
>
> > How do I do plain recursion with only pdns installed? AFAIK, the new
> > version of pdns does not support recursor anymore. Or maybe I am missing
> > something?
>
> I think you're confusing things :)
>
> You're probably referring to the fact that the Authoritative server does
> not
> provide recursion anymore - this is true.
>
> But in your case, the server doing the recursion would be the PowerDNS
> Recursor,
> which of course will always provide DNS Recursion, since that its main
> goal in
> life ;)
>
> Cheers,
>
> --
> Nico
>
> > On Fri, Apr 19, 2019 at 5:32 PM Nico CARTRON <nicolas at ncartron.org>
> wrote:
> >
> > > Hi,
> > >
> > > On 19-Apr-2019 11:21 CEST, <abubin at gmail.com> wrote:
> > >
> > > > Hi,
> > > >
> > > > I am just trying to have something simple.
> > >
> > > well, I do believe you are complicating something which should be
> simple ;)
> > >
> > > > When a client query the pdns recursor server, it will first look at
> it's
> > > > authoritative pdns domains. If non of the domains being queried is in
> > > > authoritative then it will shoot to public dns for recurvise query.
> > > >
> > > > EG,
> > > > dig onedomain.com @pdnsrecursor.server
> > > >
> > > > pdnsrecursor server will forward query to pdns authoritative if
> nothing
> > > > comes back then forward to public dns.
> > > >
> > > > Does it make sense?
> > >
> > > As noted by Brian in another answer, why not just use forward-zones to
> > > point to
> > > the Auth the requests for the few domains you are responsible for, and
> for
> > > all
> > > the other zones, just use plain recursion, and not use Google Public
> DNS?
> > >
> > > Cheers,
> > >
> > > --
> > > Nico
> > >
> > > > On Fri, Apr 19, 2019 at 5:04 PM Nico CARTRON <nicolas at ncartron.org>
> > > wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > On 19-Apr-2019 10:48 CEST, <abubin at gmail.com> wrote:
> > > > >
> > > > > > Hi,
> > > > > >
> > > > > > Is it possible to use recursor to forward all queries to pdns
> > > > > authoritative
> > > > > > server and if that query fails, it will forward all to public DNS
> > > such as
> > > > > > 8.8.8.8?
> > > > > >
> > > > > > For example, in my pdns, I have create a domain called
> mydomain.com
> > > and
> > > > > > yourdomain.moc.
> > > > > >
> > > > > > So instead of creating:
> > > > > > forward-zones=mydomain=127.0.0.1:5300
> > > > > > forward-zones+=yourdomain.moc=127.0.0.1:5300
> > > > > > forward-zones-recurse=.=8.8.8.8
> > > > > >
> > > > > > I would like to create:
> > > > > > forward-zones-recurse=.=127.0.0.1:5300
> > > > > > forward-zones-recurse+=.=8.8.8.8
> > > > > >
> > > > > > However, tried second method and it does not work. Please advise.
> > > > >
> > > > > Could you explain with more details what you are trying to achieve?
> > > > > Sending all the queries you're receiving from the Recursor to an
> > > > > Authoritative
> > > > > server wont' work, as the Auth will only answer for the DNS zones
> it is
> > > > > Auth
> > > > > for.
> > > > >
> > > > > Google Public DNS is not an Authoritative service, but a recursive
> one.
> > > > >
> > > > > Also, forward-zones-recurse means you are sending requests to a
> > > recursive
> > > > > DNS
> > > > > server (
> > > > >
> https://doc.powerdns.com/recursor/settings.html#forward-zones-recurse
> > > ),
> > > > > which your PDNS Authoritative is not - hence the fact that this
> second
> > > > > method
> > > > > doesn't work.
> > > > >
> > > > > Cheers,
> > > > >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190419/b030a368/attachment.html>


More information about the Pdns-users mailing list