[Pdns-users] dnssec and lua-config--file
Nico CARTRON
nico at ncartron.org
Tue May 12 20:27:50 UTC 2020
On 12-May-2020 19:11 CEST, <pdns-users at mailman.powerdns.com> wrote:
> Hi,
>
> Yes I do :
>
> cat recursor.conf | grep -v '^\s*$\|^\s*\#'
> config-dir=/etc/powerdns
> dnssec-log-bogus=yes
> hint-file=/usr/share/dns/root.hints
> local-address=0.0.0.0
> local-port=3334
> *lua-config-file=/etc/powerdns/recursor.lua*
> quiet=yes
> security-poll-suffix=
> setgid=pdns
> setuid=pdns
> trace=fail
> forward-zones=example.net=192.168.1.28:3333
>
> Maybe I'm using the wrong syntax in forward-zones ...
Nope, the syntax is correct.
However, in your original email, you said that you wanted to:
- resolve normally example.net (I fixed a typo in the domain name,
since you wrote `exemple.net`)
- forward the request foo.example.net to an internal authoritative
server
Your configuration forwards *all* requests to `example.net` to the
192.168.1.28 server.
You should replace it with:
forward-zones=foo.example.net=192.168.1.28:3333
Also, can you send the result of a request for
<something>.foo.example.net, e.g. using dig?
Side question: why using `hint-file`? Are you using a specific root
servers configuration? If not, you don't need that.
Cheers,
--
Nico
More information about the Pdns-users
mailing list