Hi Nacho, How "static" is the list of domains which need to resolve locally? Updated sub-second? Once every minute? Once every hour?
I would not use pdns-recursor at all. I would let dnsdist be the first point of entry, with 2 pools: a "auth" pool and a resolver pool. Add the pdns-auth (with MySQL and Lua records) to the auth pool. Have pdns-auth ONLY serve the special records, with the lua handling. Add 8.8.8.8 (and maybe 1.1.1.1/9.9.9.9 as well) to the resolver pool. Tell dnsdist to read a set of "special" domains from a text file. Tell it that IF (and only IF) the qname is part of the domains which is on the "special" list, it should send the query to the auth pool. In every other case (normal resolving), send it to the resolving pool (8.8.8.8 and others). To be VERY VERY VERY VERY clear: what you proposed in the first mail is very very very very bad practice. If the scoring of the project is done by somebody who has any real life experience with dns, you'd fail. We don't want you to fail. So with the advise I and others on the list have given you, please go back to the drawing board and rethink your design. Frank > On 7 May 2025, at 16:04, Nacho Oppo via Pdns-users > <pdns-users@mailman.powerdns.com> wrote: > > Thanks William, > > I answer you between the lines > > 1. This is bad practice. > > It may be a bad practice, but it is the chosen one and it is the one that I > hope will give me the approval. > > > 2. The goal of an assignment can’t be to have someone else do it for you. > What’s the point? > > I am clear that it has to be this way, I need to understand it in order to > explain it. > > > 3. What have you tried? “It doesn’t work” doesn’t indicate any effort. > > I've installed and uninstalled the software several times, run separate tests > on the DNS server, and it resolves the names I put in the database. However, > the moment I try to add another DNS server to resolv.conf, it stops > responding to local DNS servers and goes online to look for them. > When I installed the Recursor, things got even worse because, despite not > having another DNS server in resolv.conf or the config, the service resolved > names for me, and I don't really understand how it did it. > > 4. Should a Computer Science assignment really be this high-level? > > They proposed it to me and I thought it wouldn't be as complicated as it's > turning out to be. > > Nacho. > > El mié, 7 may 2025 a las 10:27, William Edwards via Pdns-users > (<pdns-users@mailman.powerdns.com <mailto:pdns-users@mailman.powerdns.com>>) > escribió: >> 1. This is bad practice. >> 2. The goal of an assignment can’t be to have someone else do it for you. >> What’s the point? >> 3. What have you tried? “It doesn’t work” doesn’t indicate any effort. >> 4. Should a Computer Science assignment really be this high-level? >> >> William Edwards >> >> > Op 7 mei 2025 om 10:04 heeft Nacho Oppo via Pdns-users >> > <pdns-users@mailman.powerdns.com <mailto:pdns-users@mailman.powerdns.com>> >> > het volgende geschreven: >> > >> > >> > Dear "PowerDNS MailGroup", >> > >> > My name is Nacho, and I am a university student currently studying >> > Computer Science. I’m working on my final-year project, which involves >> > setting up a system that allows resolution of personal names using >> > PowerDNS. >> > >> > The goal is to configure PowerDNS so that it first checks an A record in a >> > MySQL backend, and if the record is not found o if database does´not >> > respond, it should forward the query to an external DNS server, such as >> > Google’s (8.8.8.8). >> > >> > From what I’ve read, this setup used to be possible directly with >> > PowerDNS, but now it seems that the use of a separate PowerDNS Recursor in >> > front is required. I’ve tried configuring it myself, but unfortunately, I >> > haven’t been able to make it work properly. >> > >> > If someone could share a working configuration for both PowerDNS >> > Authoritative and PowerDNS Recursor (for the current versions), or point >> > me to a complete example, I would be truly grateful. >> > >> > Thank you in advance for your time and help. >> > >> > Best regards, >> > Nacho >> > >> > _______________________________________________ >> > Pdns-users mailing list >> > Pdns-users@mailman.powerdns.com <mailto:Pdns-users@mailman.powerdns.com> >> > https://mailman.powerdns.com/mailman/listinfo/pdns-users >> >> _______________________________________________ >> Pdns-users mailing list >> Pdns-users@mailman.powerdns.com <mailto:Pdns-users@mailman.powerdns.com> >> https://mailman.powerdns.com/mailman/listinfo/pdns-users > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
