Hi, I haven't managed to find a similar issue while searching. We are testing Vyos 1.4 which uses powerdns recursor as its caching/forwarding name service. We have noticed a behaviour change between pdns-recursor versions 4.3.7-1pdns.buster and 4.4.2-3 (from debian bullseye).
As far as I can tell our configuration for the two versions is the same and we have a few forward-zones which we redirect to an internally reachable DNS server on a 10.0.0.0/8 address. On the 4.3 version any addresses in these internal forward zones resolve correctly, however on the 4.4 version via trace I can see that the lookups are being dropped with a message of "not sending query to 10.x.x.x, blocked by 'dont-query' setting". >From the documentation for the dont-query parameter, it says: "Queries to addresses for zones as configured in any of the settings forward-zones, forward-zones-file or forward-zones-recurse are performed regardless of these limitations." This seems to be the behaviour we see with the 4.3 version, but seems to no longer be the case with the 4.4 version. Can someone tell me if the behaviour change is intentional and if I am misreading the documentation? Kind Regards, Kim
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users