Hi Pieter,
thank you for your reply.
removing the + does not help.
The public ips listed will work for you, if you want to try it yourself.
I'll prepare a trace-regex.
Best regards
Thomas
On 3/13/19 3:16 PM, Pieter Lexis wrote:
Hi Thomas,
On 3/13/19 2:07 PM, Thomas Mieslinger wrote:
And added the following to my pdns_recursor config:
dnssec=process
forward-zones-file=/etc/pdns-recursor/anytest2/forward.zones
lua-config-file=/etc/pdns-recursor/anytest2/nta.lua
forward.zones contains:
+.=217.160.80.247,217.160.81.247,217.160.82.247,217.160.83.247,2001:8d8:fe:53:616e:7973:6c76:310a,2001:8d8:fe:53:616e:7973:6c76:330a,2001:8d8:fe:53:616e:7973:6c76:320a,2001:8d8:fe:53:616e:7973:6c76:340a
The '+' indicates that you send the query to the auth with the RD bit
set. That means the recursor will expect the upstream to do the
recursorsion, which it shouldn't do. Can you remove the '+' from the
lines and retry?
You only want to retrieve the delegations from the auth, not have the
auth do the rest of the lookups.
Cheers,
Pieter
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
