[Pdns-users] Request for Help with PowerDNS + Recursor Configuration for Final Year Project

frank at kiwazo.be frank at kiwazo.be
Wed May 7 16:05:04 UTC 2025 


> On 7 May 2025, at 17:03, Nacho Oppo <nachooppo64 at gmail.com> wrote:
> 
> Hi Frank.
> 
> Another option I considered is creating a program that modifies the
> /etc/hosts files. With resolv.conf pointing to the internet and the
> nsswitch with host as file and dns, I'd have it solved. The only thing
> I need to implement is modifying the Lua records. My problem here is
> that it's simple for just two servers, but when we have N, things get
> more complicated.

That's another non-optimal solution, which is guaranteed to break.

> 
> What I can't understand is why this configuration worked perfectly for
> me with one old version of PDNS- pdns-4.1.14-1 (only put two namesever
> in resolv.conf 127.0.0.1 and 8.8.8.8) ?


Please see https://doc.powerdns.com/authoritative/appendices/EOL.html?highlight=end%20life. Pdns 4.1 went End Of Life before 2021, ages ago.

> Sorry,  I thought it worked when using the nslookup client, but when
> using dig it stops working
> 
> root at centos# nslookup mario
> Server:         127.0.0.1
> Address:        127.0.0.1#53
> 
> Name:   mario
> Address: 194.140.12.111
> 
> root at centos# nslookup kiwazo.be
> ;; Got recursion not available from 127.0.0.1, trying next server
> Server:         8.8.8.8
> Address:        8.8.8.8#53
> 
> Non-authoritative answer:
> Name:   kiwazo.be
> Address: 216.24.57.1
> 
> But with dig
> 
> root at centos# dig mario
> 
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> mario
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61686
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
> 
> ;; QUESTION SECTION:
> ;mario.                         IN      A
> 
> ;; ANSWER SECTION:
> mario.                  1       IN      A       194.140.12.111
> 
> ;; Query time: 12 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed May  7 17:01:35 2025
> ;; MSG SIZE  rcvd: 39
> 
> root at centos# dig kiwazo.be
> 
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> kiwazo.be
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22835
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
> 
> ;; QUESTION SECTION:
> ;kiwazo.be.                     IN      A
> 
> ;; AUTHORITY SECTION:
> .                       1       IN      SOA     mario. hostmaster. 0
> 10800 3600 604800 3600
> 
> ;; Query time: 16 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed May  7 17:01:45 2025
> ;; MSG SIZE  rcvd: 77
> 
> root at centos# ping mario
> PING mario (194.140.12.111) 56(84) bytes of data.
> ^C
> --- mario ping statistics ---
> 2 packets transmitted, 0 received, 100% packet loss, time 1128ms
> 
> root at centos# ping kiwazo.be
> ping: unknown host kiwazo.be
> root at centos#
> 
> 
> 
> 
> I think I'll look for another way, because it's getting too
> complicated. Thank you very much for your time.

Yes, as I mentioned: Adding an auth server which doesn't know how to resolve things to /etc/resolv.conf will cause lots of bad things.

Frank

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20250507/f54539dc/attachment.htm>

More information about the Pdns-users mailing list