[Pdns-users] pdns-r, what upstream server is it conferring with?

[Brian Candler]

On 30/10/2024 14:46, A G via Pdns-users wrote:
> I'm struggling to see where or how the upstream DNS server pDNS-Recursor
>   is looking up requests on....

It doesn't use an upstream DNS recursor (unless you explicitly configure 
it to).

It finds and queries authoritative servers on the Internet, starting 
with the root servers and working its way down by following NS records 
(delegations). It uses root hints to make initial contact with a root 
server, and refreshes its list of root servers from that.

On Ubuntu, those root hints are in /usr/share/dns/root.hints from the 
"dns-root-data" package. You don't touch them.


> If it's referring to what's in /etc/resolv.conf, maybe that's a big
> problem if that entry was set via DHCP, and then DHCP is pointing to the
>   "local-address" parameter. A loop?
>
> IE, the pdns is serving on: local-address=192.0.2.25, and DHCP is used
> to configure the pdns server with DNS server...

/etc/resolv.conf is used by *applications* on the host to know which 
resolver to use. It could point to pdns-recursor running on localhost 
(which in fact would be normal), or it could point to a remote machine.

pdns-recursor itself does not use /etc/resolv.conf, nor make queries as 
normal application. It is therefore unaffected by what's here.

If you *do* want pdns-recursor to send all queries to an upstream 
recursive server (for example to make use of a third-party filtered DNS 
service), then you can configure it do so. In the new YAML-style config 
in pdns-recursor 5, you'd write

recursor:
   forward_zones_file: /etc/powerdns/forward.zones.yml

and in /etc/powerdns/forward.zones.yml you would put (for example)

- zone: .
   forwarders:
   - 2620:fe::fe
   - 9.9.9.9
   recurse: true

HTH,

Brian.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20241030/b0c929c6/attachment.htm>