[Pdns-users] PDNS with no direct access to root servers
Brian Candler
b.candler at pobox.com
Tue Apr 6 12:20:21 UTC 2021
On 06/04/2021 12:30, Eelco via Pdns-users wrote:
> I've set up a pdns/pdns-recursor with its own zones. The
> pdns/pdns-recursor is behind a firewall with no access to any
> root-servers.
>
> The pdns/pdns-recursor is working for the local zones and can forward
> queries to a DNS server through a firewall. But anything outside the
> environment is queried direct to the root-servers which I cannot reach.
>
> The DNS servers in front of the firewall can query everything outside
> the environment.
>
> I've tried to use forward-zones pointing to the DNS servers in front
> of the firewall in recursor.conf and/or an own root-hints file with
> only DNS servers in front of the firewall to set this up but neither
> works.

Can you show the recursor config that you tried?

If the DNS servers (caches) in front of the firewall are 192.0.2.1 and
192.0.2.2, then you need something like:

    forward-zones-recurse=.=192.0.2.1;192.0.2.2
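
A check for the two settings discussed in this thread, added here as an example and not part of the original message or of PowerDNS itself. It relies on the documented recursor behaviour that forward-zones sends queries with the RD bit cleared (meant for authoritative servers) while forward-zones-recurse sets it (meant for caches), and that commas separate zones while semicolons separate the addresses of one zone. The function names and the sample configuration are constructed for illustration.

```python
import ipaddress

def _valid_target(t):
    """Accept IPv4, IPv4:port, IPv6, or [IPv6]:port."""
    t = t.strip()
    if t.startswith("["):
        host, _, port = t[1:].partition("]")
        port = port.lstrip(":")
    elif t.count(":") == 1:
        host, _, port = t.partition(":")
    else:
        host, port = t, ""
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return False
    return port == "" or (port.isdigit() and 0 < int(port) < 65536)

def check_forwarding(conf_text):
    """Return findings for forward-zones / forward-zones-recurse lines."""
    findings = []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()           # drop comments
        key, sep, value = line.partition("=")
        key = key.strip().rstrip("+")                 # also accept key+=value
        if not sep or key not in ("forward-zones", "forward-zones-recurse"):
            continue
        for entry in value.split(","):                # commas separate zones
            entry = entry.strip()
            zone, eq, targets = entry.partition("=")
            if not eq:
                findings.append(f"{key}: '{entry}' has no zone= part; "
                                "use ';' between addresses of one zone")
                continue
            for t in targets.split(";"):              # ';' separates addresses
                if not _valid_target(t):
                    findings.append(f"{key}: bad address '{t.strip()}' for zone '{zone.strip()}'")
            if zone.strip() == "." and key == "forward-zones":
                findings.append("forward-zones: root zone is forwarded with RD=0; "
                                "upstream caches need forward-zones-recurse")
    return findings

# Constructed sample: a local zone sent to an authoritative server, plus the
# root zone pointed at caches with the non-recursing setting.
SAMPLE = "forward-zones=corp.example=10.0.0.53, .=192.0.2.1;192.0.2.2\n"

if __name__ == "__main__":
    for finding in check_forwarding(SAMPLE):
        print(finding)
```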