[Pdns-users] Recursor and subdomain forward
Giovanni Vecchi
g.vecchi at certego.net
Fri Mar 20 17:18:19 UTC 2020
Hi Brian,
I missed that in configuration file multiple "forwarding-zone=" entries
were present for different zone: I only wrote you the first of them that
queries were failing, I'm sorry.
I think the problem was that following zone forwarding need to be
configured with "forwarding-zone*+*=" directive, but if I didn't find any
feedback in the documentation (
https://doc.powerdns.com/recursor/settings.html#forward-zones): may I open
a github issue?
Thanks for your support
On Fri, 20 Mar 2020 at 17:42, Brian Candler <b.candler at pobox.com> wrote:
> Works for me, with 4.3.0-1pdns.bionic
>
> Added to recursor.conf:
> forward-zones=domain.sec=127.0.0.1:5300
>
> Restarted pdns-recursor
>
> Test:
>
> root at cache1:~# dig @localhost testing.domain.sec a
>
> ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @localhost testing.domain.sec a
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54252
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> In another window, while doing the above:
>
> root at cache1:~# tcpdump -i lo -nnX port 5300
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
> 16:40:24.603111 IP 127.0.0.1.26305 > 127.0.0.1.5300: UDP, length 47
> 0x0000: 4500 004b c7dc 4000 4011 74c3 7f00 0001 E..K.. at .@.t.....
> 0x0010: 7f00 0001 66c1 14b4 0037 fe4a 740e 0000 ....f....7.Jt...
> 0x0020: 0001 0000 0000 0001 0774 6573 7469 6e67 .........testing
> 0x0030: 0664 6f6d 6169 6e03 7365 6300 0001 0001 .domain.sec.....
> 0x0040: 0000 2904 d000 0080 0000 00 ..)........
>
> So I'm sorry, I don't know what's different about your setup. You did
> restart pdns-recursor? Does "journalctl -eu pdns-recursor" show any
> errors or warnings at startup?
>
>
>
--
<http://www.certego.net/>
Giovanni Vecchi
Infrastructure Lead Engineer, Certego
+39-059-7353333
<http://www.linkedin.com/company/certego>
<http://twitter.com/Certego_IRT> <http://github.com/certego>
<http://www.youtube.com/CERTEGOsrl>
<http://plus.google.com/117641917176532015312>
Use of the information within this document constitutes acceptance for
use in an "as is" condition. There are no warranties with regard to
this information; Certego has verified the data as thoroughly as
possible. Any use of this information lies within the user's
responsibility. In no event shall Certego be liable for any
consequences or damages, including direct, indirect, incidental,
consequential, loss of business profits or special damages, arising
out of or in connection with the use or spread of this information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200320/3264c9f1/attachment-0001.htm>
More information about the Pdns-users
mailing list