[Pdns-users] Recursor and subdomain forward

Kevin P. Fleming kevin at km6g.us
Fri Mar 20 17:24:07 UTC 2020 

'forward-zone' can only be specified one time in the configuration file. It
accepts a list of domain/address pairs, though, so you can setup multiple
domains for forwarding.

On Fri, Mar 20, 2020 at 1:18 PM Giovanni Vecchi via Pdns-users <
pdns-users at mailman.powerdns.com> wrote:

> Hi Brian,
>
> I missed that in configuration file multiple "forwarding-zone=" entries
> were present for different zone: I only wrote you the first of them that
> queries were failing, I'm sorry.
> I think the problem was that following zone forwarding need to be
> configured with "forwarding-zone*+*=" directive, but if I didn't find any
> feedback in the documentation (
> https://doc.powerdns.com/recursor/settings.html#forward-zones): may I
> open a github issue?
>
> Thanks for your support
>
>
>
>
> On Fri, 20 Mar 2020 at 17:42, Brian Candler <b.candler at pobox.com> wrote:
>
>> Works for me, with 4.3.0-1pdns.bionic
>>
>> Added to recursor.conf:
>> forward-zones=domain.sec=127.0.0.1:5300
>>
>> Restarted pdns-recursor
>>
>> Test:
>>
>> root at cache1:~# dig @localhost testing.domain.sec a
>>
>> ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @localhost testing.domain.sec a
>> ; (1 server found)
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54252
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>>
>> In another window, while doing the above:
>>
>> root at cache1:~# tcpdump -i lo -nnX port 5300
>> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>> listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
>> 16:40:24.603111 IP 127.0.0.1.26305 > 127.0.0.1.5300: UDP, length 47
>>      0x0000:  4500 004b c7dc 4000 4011 74c3 7f00 0001 E..K.. at .@.t.....
>>      0x0010:  7f00 0001 66c1 14b4 0037 fe4a 740e 0000 ....f....7.Jt...
>>      0x0020:  0001 0000 0000 0001 0774 6573 7469 6e67 .........testing
>>      0x0030:  0664 6f6d 6169 6e03 7365 6300 0001 0001 .domain.sec.....
>>      0x0040:  0000 2904 d000 0080 0000 00 ..)........
>>
>> So I'm sorry, I don't know what's different about your setup. You did
>> restart pdns-recursor? Does "journalctl -eu pdns-recursor" show any
>> errors or warnings at startup?
>>
>>
>>
>
> --
>
>  <http://www.certego.net/>
> Giovanni Vecchi
> Infrastructure Lead Engineer, Certego
> +39-059-7353333
>  <http://www.linkedin.com/company/certego>  <http://twitter.com/Certego_IRT>  <http://github.com/certego>  <http://www.youtube.com/CERTEGOsrl>  <http://plus.google.com/117641917176532015312>
> Use of the information within this document constitutes acceptance for use in an "as is" condition. There are no warranties with regard to this information; Certego has verified the data as thoroughly as possible. Any use of this information lies within the user's responsibility. In no event shall Certego be liable for any consequences or damages, including direct, indirect, incidental, consequential, loss of business profits or special damages, arising out of or in connection with the use or spread of this information.
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200320/f104e00a/attachment.htm>

More information about the Pdns-users mailing list