[Pdns-users] Change of behaviour for dont-query between pdns-recursor 4.3 and 4.4
Otto Moerbeek
otto at drijf.net
Mon Aug 9 18:51:43 UTC 2021
On Mon, Aug 09, 2021 at 11:11:42AM +0100, Kim Covil via Pdns-users wrote:
> Hi,
>
> I haven't managed to find a similar issue while searching. We are testing
> Vyos 1.4 which uses powerdns recursor as its caching/forwarding name
> service. We have noticed a behaviour change between pdns-recursor versions
> 4.3.7-1pdns.buster and 4.4.2-3 (from debian bullseye).
>
> As far as I can tell our configuration for the two versions is the same and
> we have a few forward-zones which we redirect to an internally reachable
> DNS server on a 10.0.0.0/8 address. On the 4.3 version any addresses in
> these internal forward zones resolve correctly, however on the 4.4 version
> via trace I can see that the lookups are being dropped with a message of
> "not sending query to 10.x.x.x, blocked by 'dont-query' setting".
>
> From the documentation for the dont-query parameter, it says:
> "Queries to addresses for zones as configured in any of the settings
> forward-zones, forward-zones-file or forward-zones-recurse are performed
> regardless of these limitations."
> This seems to be the behaviour we see with the 4.3 version, but seems to no
> longer be the case with the 4.4 version.
>
> Can someone tell me if the behaviour change is intentional and if I am
> misreading the documentation?
>
> Kind Regards,
>
> Kim
That looks like a regression. Can you please file an issue on
https://github.com/PowerDNS/pdns/issues, including config and trace?
Thanks, Otto
More information about the Pdns-users
mailing list