[Pdns-users] Recursor and subdomain forward
Brian Candler
b.candler at pobox.com
Fri Mar 20 11:03:22 UTC 2020
On 20/03/2020 10:56, Giovanni Vecchi via Pdns-users wrote:
> @Brian: my bad, my local domain isn't an ".local" one but ".sec", so
> please consider domain.sec as root domain
> The current behaviour is that public root domain are queried for every
> *.domain.sec from recursor instead the authoritative one!
> My conf:
>
> config-dir=/etc/powerdns
> local-address=0.0.0.0
> local-port=53
> setgid=pdns
> setuid=pdns
> allow-from=0.0.0.0
> logging-facility=1
> loglevel=9
> quiet=no
> version-string=Mind your own business…
> webserver=yes
> webserver-address=0.0.0.0
> webserver-allow-from=127.0.0.1
> webserver-port=8082
> api-key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> forward-zones=domain.sec=127.0.0.1:5300 <http://127.0.0.1:5300>
Do no queries arrive at 127.0.0.1:5300 at all? What version of
pdns-recursor are you using?
It's possible that you need to set a negative trust anchor for
domain.sec. See:
https://doc.powerdns.com/recursor/dnssec.html#negative-trust-anchors
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200320/ff39c247/attachment.htm>
More information about the Pdns-users
mailing list