[Pdns-users] PDNS Recursor and forward-zones-file
Otto Moerbeek
otto at drijf.net
Thu Mar 17 12:28:24 UTC 2022
On Thu, Mar 17, 2022 at 01:04:55PM +0100, Pepe Charli via Pdns-users wrote:
> Hi,
>
> I am experiencing some "strange" behavior with pDNS Recursor (
> pdns-recursor-4.4.7-1pdns.el7.x86_64)
>
> The recursor is configured to forward all zones to other DNS servers
>
> forward-zones-file=/path/to/file
> and the file itself contains
> .=192.168.68.63, 192.168.68.64
>
> From time to time the resource stops resolving and if I reload-zones it
> resolves again correctly
>
> This is a trace of when it fails
> https://pastebin.com/raw/mH3ci9Ss
>
> And this is a trace of when it works after reload-zones
> https://pastebin.com/raw/pWAW02QK
What you are seeing is an interaction of the forward-zones, cached NS
records and dont-query values.
Despite what is said about the "dont-query'" setting in
https://docs.powerdns.com/recursor/settings.html#dont-query
there are cases where this does not work as designed. This likely happens
when NS records of subzones of a forwarded zone are cached.
Probable workaround: make sure you dont list the IPs you are forewarding
to in in "dont-query". See the URL above for the default value.
I'm putting this on my list of things to investigate.
-Otto
More information about the Pdns-users
mailing list