Hi Thomas, On 3/13/19 2:07 PM, Thomas Mieslinger wrote: > And added the following to my pdns_recursor config: > dnssec=process > forward-zones-file=/etc/pdns-recursor/anytest2/forward.zones > lua-config-file=/etc/pdns-recursor/anytest2/nta.lua > > forward.zones contains: > +.=217.160.80.247,217.160.81.247,217.160.82.247,217.160.83.247,2001:8d8:fe:53:616e:7973:6c76:310a,2001:8d8:fe:53:616e:7973:6c76:330a,2001:8d8:fe:53:616e:7973:6c76:320a,2001:8d8:fe:53:616e:7973:6c76:340a
The '+' indicates that you send the query to the auth with the RD bit set. That means the recursor will expect the upstream to do the recursorsion, which it shouldn't do. Can you remove the '+' from the lines and retry? You only want to retrieve the delegations from the auth, not have the auth do the rest of the lookups. Cheers, Pieter -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
