[Pdns-users] Unable to forward-zone to primary PowerDNS server

Kevin P. Fleming kevin at km6g.us
Mon Jul 6 16:21:19 UTC 2020


I believe the zone specified in the 'forward-zones' statement needs to
end with '.'. At least that's what I have in my configuration and it's
working :-)

On Mon, Jul 6, 2020 at 12:13 PM Clarence Mills via Pdns-users
<pdns-users at mailman.powerdns.com> wrote:
>
> Hel
> Hello,
>
> Just recently set up a network containing  1 dnsdist, 1 reccursor  and 1 PDNS server. I'm unable to resolve my internal domain  millsresidence.com. I'm using forward-zones-recurse=millsresidence.com=192.168.0.32 within my recursor. i've attached my config below.
> - dnsdist: 192.168.0.18
> - recursor: 192.168.0.22
> - PDNS server: 192.168.0.32
>
> DNSDIST confirg
> ===============
> -- https://github.com/PowerDNS/pdns/issues/7394
> -- dnsdist configuration file, an example can be found in /usr/share/doc/dnsdist/examples/
> setACL('192.168.0.0/24') -- Allow from home network
> addLocal('192.168.0.18:53',{reusePort=true, tcpFastOpenQueueSize=0, tcpFastOpenSize=0}) -- for dns over port 53 ipv4 , set X(int) for tcp fast open queue size
> addAction(MaxQPSIPRule(400), DropAction())              -- set X(int) number of queries to be allowed per second from a IP
> addAction(AndRule({QTypeRule(dnsdist.ANY), TCPRule(false)}), DropAction())  -- drop ANY queries sent over udp , not useful for DoT and DoH only servers.
> pc = newPacketCache(10000, 86400, 600)                  -- set X number of entries to be in dnsdist cache by default , memory will be preallocated based on the X number
> getPool(""):setCache(pc)                                -- deafult cache
> setStaleCacheEntriesTTL(43200)                          -- expire cache after 12 hour
> newServer({address="192.168.0.22", name=recursor, order=2})
> newServer({address="192.168.0.32", name=auth, order=1})
> setServerPolicy(whashed) -- first server within its QPS limit
> setSecurityPollSuffix("")
> webserver("192.168.0.18:8083", "gr33n") --dependent on ACL rules
>
> recursor config
> =============
> allow-from=192.168.0.0/24
> any-to-tcp=yes
> ## API
> api-config-dir=/opt/powerdns_recursor
> api-logfile=/var/log/pdns.log
> loglevel=8
> config-dir=/etc/powerdns
> daemon=yes
> hint-file=/usr/share/dns/root.hints
> include-dir=/etc/powerdns/recursor.d
> local-address=192.168.0.22
> local-port=53
> lua-config-file=/etc/powerdns/recursor.lua
> quiet=no
> #################################
> # security-poll-suffix  Domain name from which to query security update notifications
> setgid=pdns
> setuid=pdns
> #################################
> # webserver     Start a webserver (for REST API)
> webserver=yes
> webserver-address=0.0.0.0
> webserver-allow-from=192.168.0.0/24
> webserver-password=gr33n
> webserver-port=8082
> api-key=gr33n
> write-pid=yes
> forward-zones-recurse=millsresidence.com=192.168.0.32
>
> I would aprreciate any insights.
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users


More information about the Pdns-users mailing list