[Pdns-users] dnssec and lua-config--file

Nico CARTRON nico at ncartron.org
Tue May 12 20:27:50 UTC 2020

On 12-May-2020 19:11 CEST, <pdns-users at mailman.powerdns.com> wrote:

> Hi,
> Yes I do :
> cat recursor.conf | grep -v '^\s*$\|^\s*\#'
> config-dir=/etc/powerdns
> dnssec-log-bogus=yes
> hint-file=/usr/share/dns/root.hints
> local-address=
> local-port=3334
> *lua-config-file=/etc/powerdns/recursor.lua*
> quiet=yes
> security-poll-suffix=
> setgid=pdns
> setuid=pdns
> trace=fail
> forward-zones=example.net=
> Maybe I'm using the wrong syntax in forward-zones ...

Nope, the syntax is correct.

However, in your original email, you said that you wanted to:

   - resolve normally example.net (I fixed a typo in the domain name,
     since you wrote `exemple.net`)
   - forward the request foo.example.net to an internal authoritative

Your configuration forwards *all* requests to `example.net` to the server.
You should replace it with:

Also, can you send the result of a request for
<something>.foo.example.net, e.g. using dig?

Side question: why using `hint-file`? Are you using a specific root
servers configuration? If not, you don't need that.



More information about the Pdns-users mailing list