Okay, I've tried out my newfound knowledge and here are my results. First I tried adding the "allow-recursion-override=yes" to my config file. I left the recursor key set to my other production DNS. I then started pdns with "sudo /etc/init.d/pdns monitor". I used nslookup to try and resolve www.test.com which is set up with a CNAME. The result was not the IP of the CNAME value but that of the true public ip for www.test.com. What did I do wrong? Also, is there a switch to have pdns monitor show me each query? A debug logging maybe?
The second thing I tried was to remove the recursor key and use the pdns as strictly authoritative. The database remains the same -- a CNAME for www.test.com. Again, I used nslookup to try and resolve, but now I get a "** server can't find www.test.com: SERVFAIL" Shouldn't it have responded with the value of the CNAME even if it couldn't recurse to resolve it? Thanks for your patience guys! --Tom On 4/10/07, Tom Rossi <[EMAIL PROTECTED]> wrote:
Thanks for the great explanation! On 4/10/07, Derrik Pates <[EMAIL PROTECTED]> wrote: > > Tom Rossi wrote: > > Thank you so much for helping me out. I think I may be showing my > > ignorance. I thought it would have to be configured with a recursor > to > > be able to resolve something it is not authoritative. So in my > > scenario, the DNS is the authority for mydomain.com > > <http://mydomain.com> and I have an MX record that points to > > mx.google.com. My authoritative DNS for mydomain.com needs to be > > able to resolve mx.google.com. > > No, your authoritative nameserver doesn't have to care what > 'mx.google.com' points to; it just returns the MX record by itself to > the recursor. If the MX happened to be in a local zone, it could provide > the A record that it points to, but that's not required. The recursor > may (optionally) do additional processing, i.e., resolve where > 'mx.google.com' points to, but this is not required either. > > > Do I need to configure a recursor > > to make that happen? > > Your mailserver should either be running a local recursor (good for > high-demand mailservers to prevent excessive waiting around for > recursive lookups), or referring to one or more central recursors, which > > handle the task of recursive lookups for it. > > -- > Derrik Pates > [EMAIL PROTECTED] >
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
