[Pdns-users] pdns-recursor suddenly started to answer with content from . zone instead of what is configured in forward.zones.
Peter van Dijk
peter.van.dijk at powerdns.com
Tue Sep 21 16:20:16 UTC 2021
Hello Thomas,
On Tue, 2021-09-21 at 13:53 +0200, Thomas Mieslinger via Pdns-users
wrote:
> dog. 80 IN NSEC domains. NS DS RRSIG NSEC
This looks like aggressive NSEC reuse (
https://datatracker.ietf.org/doc/html/rfc8198) and/or NXDOMAIN: There
Really Is Nothing Underneath (
https://datatracker.ietf.org/doc/html/rfc8020).
Can you try aggressive-nsec-cache-size=0 (on 4.5.1) and/or
nothing-below-nxdomain=no (4.3.5 and 4.5.1) please?
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
More information about the Pdns-users
mailing list