[Pdns-users] implementing hyperlocal root-zone (IETF 103) concept using pdns_recursor and pdns authoritative

Pieter Lexis pieter.lexis at powerdns.com
Wed Mar 13 14:16:30 UTC 2019


Hi Thomas,

On 3/13/19 2:07 PM, Thomas Mieslinger wrote:
> And added the following to my pdns_recursor config:
> dnssec=process
> forward-zones-file=/etc/pdns-recursor/anytest2/forward.zones
> lua-config-file=/etc/pdns-recursor/anytest2/nta.lua
> 
> forward.zones contains:
> +.=217.160.80.247,217.160.81.247,217.160.82.247,217.160.83.247,2001:8d8:fe:53:616e:7973:6c76:310a,2001:8d8:fe:53:616e:7973:6c76:330a,2001:8d8:fe:53:616e:7973:6c76:320a,2001:8d8:fe:53:616e:7973:6c76:340a

The '+' indicates that you send the query to the auth with the RD bit
set. That means the recursor will expect the upstream to do the
recursorsion, which it shouldn't do. Can you remove the '+' from the
lines and retry?

You only want to retrieve the delegations from the auth, not have the
auth do the rest of the lookups.

Cheers,

Pieter

-- 
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com


More information about the Pdns-users mailing list