Bug #10507
closedUnable to use forwarders
100%
Description
When setting the forwarders in the settings tabs, the forwarders are added under the general "options" section.
However, when we create a View, a root zone with root hints is always added. The result is that any non-local zone query will use recursion instead of sending the query to the forwarders.
If we set Recursion=No in the View, any non-local query gets denied, which is normal. If we set Recursion=Yes, then the recursion is done by BIND and not forwarded to the forwarders. At this point there are NO zones defined in the Zones tab.
Shouldn't the 'zone "." { }' statement be added only if recursion is yes AND there are no forwarders configured under the Settings tab?
This is the named.conf file:
#Bind pfsense configuration #Do not edit this file!!! key "rndc-key" { algorithm hmac-sha256; secret "..."; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; options { directory "/etc/namedb"; pid-file "/var/run/named/pid"; statistics-file "/var/log/named.stats"; max-cache-size 256M; listen-on port 53 { any; }; forwarders { 1.1.1.1;1.0.0.1; }; }; logging { channel custom { syslog daemon; print-time no; print-severity yes; print-category yes; severity debug 1; }; category default { custom; }; }; view "default" { recursion yes; match-clients { any; }; allow-recursion { any; }; zone "." { type hint; file "/etc/namedb/named.root"; }; };
Updated by Viktor Gurov over 4 years ago
Updated by Jim Pingle over 4 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho over 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
- Affected Version deleted (
2.4.5)
PR has been merged. Thanks!
Updated by Danilo Zrenjanin about 4 years ago
- Status changed from Feedback to Resolved
Tested on the latest snapshot.
It doesn't add 'zone "." { }' anymore, if recursion is set to Yes and there are forwarders defined.
Ticket resolved.