Earlier I set this the recursor to some random dns server on the
internet. But there's the problem that pdns should serve some private
zone that's not resolvable through the root servers.
So, what's the best practice with the pds_recursor here? Should I use
forward-zones= to point back to my (should be)authoritative pdns
installation?
Thanks a lot for your help.
Chris
Stefan Schmidt wrote:
On Thu, Feb 11, 2010 at 01:44:38AM +0100, Chris wrote:
Try putting 'hallo.foo.bar.' in the content column of that CNAME.
I already tried this. I still get the same error:
Not authoritative for 'hallo.foo.bar.', sending servfail to
10.30.0.0 (recursion was desired)
Ah right, you did not specify a recursor= option, this means that your
pdns_server will be authoritative-only.
Your recursive nameserver (for example pdns_recursor) will take care of
resolving this cname subsequently.
For testing an authoritative-only server you should try
dig @10.20.30.42 hier.foo.bar. +norec
and
dig @10.20.30.42 hallo.foo.bar. +norec
which will not set the recursion desired (RD) flag for this query.
It is best current practice to seperate recursive and authoritative servers.
[1]
However if you need to do both just specify your recursive dns IP address with
the recursor=<ip> in pdns.conf. This will cause the authoritative server to
proxy all questions that it cannot ask from its database to the recursive
server for you.
Stefan
[1] http://cr.yp.to/djbdns/separation.html
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
