Bug #10507
Unable to use forwarders
Status: Closed
% Done: 100%
Description
When setting the forwarders in the settings tabs, the forwarders are added under the general "options" section.
However, when we create a View, a root zone with root hints is always added. The result is that any non-local zone query will use recursion instead of sending the query to the forwarders.
If we set Recursion=No in the View, any non-local query gets denied, which is normal. If we set Recursion=Yes, then the recursion is done by BIND and not forwarded to the forwarders. At this point there are NO zones defined in the Zones tab.
Shouldn't the 'zone "." { }' statement be added only if recursion is yes AND there are no forwarders configured under the Settings tab?
This is the named.conf file:
#Bind pfsense configuration
#Do not edit this file!!!
key "rndc-key" {
    algorithm hmac-sha256;
    secret "...";
};
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; } keys { "rndc-key"; };
};
options {
    directory "/etc/namedb";
    pid-file "/var/run/named/pid";
    statistics-file "/var/log/named.stats";
    max-cache-size 256M;
    listen-on port 53 { any; };
    forwarders { 1.1.1.1;1.0.0.1; };
};
logging {
    channel custom {
        syslog daemon;
        print-time no;
        print-severity yes;
        print-category yes;
        severity debug 1;
    };
    category default { custom; };
};
view "default" {
    recursion yes;
    match-clients { any; };
    allow-recursion { any; };
    zone "." {
        type hint;
        file "/etc/namedb/named.root";
    };
};
Updated by Viktor Gurov over 5 years ago
Updated by Jim Pingle over 5 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho over 5 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
- Affected Version deleted (2.4.5)
PR has been merged. Thanks!
Updated by Danilo Zrenjanin almost 5 years ago
- Status changed from Feedback to Resolved
Tested on the latest snapshot.
It doesn't add 'zone "." { }' anymore, if recursion is set to Yes and there are forwarders defined.
Ticket resolved.
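
An audit check for the condition this ticket describes, added here as an example (not the pfSense BIND package's code): it parses a named.conf and lists the views that combine recursion yes, a hint zone "." and configured forwarders, also counting forwarders set inside the view itself. The parser is a simplified one that assumes no braces, semicolons or comment markers inside quoted strings; the function names and the sample are constructed for illustration.

```python
import re

# Constructed sample, reduced from the named.conf quoted in the ticket.
SAMPLE = '''#Bind pfsense configuration
options {
    forwarders { 1.1.1.1;1.0.0.1; };
};
view "default" {
    recursion yes;
    zone "." {
        type hint;
    };
};
'''
COMMENT = re.compile(r'/\*.*?\*/|(?:#|//)[^\n]*', re.S)
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def parse(tokens, pos=0):
    """Return (statements, next_pos); each { } block becomes a nested list."""
    stmts, cur = [], []
    while pos < len(tokens):
        tok, pos = tokens[pos], pos + 1
        if tok == '{':
            block, pos = parse(tokens, pos)
            cur.append(block)
        elif tok == '}':
            break
        elif tok == ';':
            stmts, cur = stmts + ([cur] if cur else []), []
        else:
            cur.append(tok.strip('"'))
    return stmts + ([cur] if cur else []), pos

def named(stmts, keyword):  # (statement, trailing block) pairs for a keyword
    return [(s, s[-1] if isinstance(s[-1], list) else [])
            for s in stmts if s[0] == keyword]

def views_with_hint_and_forwarders(conf_text):
    """Names of views with recursion yes, a hint zone "." and forwarders set."""
    top, _ = parse(TOKEN.findall(COMMENT.sub('', conf_text)))
    has_fwd = lambda body: any(addrs for _, addrs in named(body, 'forwarders'))
    global_fwd = any(has_fwd(body) for _, body in named(top, 'options'))
    flagged = []
    for view, body in named(top, 'view'):
        recursion = any(s[1:] == ['yes'] for s, _ in named(body, 'recursion'))
        hint = any(z[1:2] == ['.'] and ['type', 'hint'] in zb
                   for z, zb in named(body, 'zone'))
        if recursion and hint and (global_fwd or has_fwd(body)):
            flagged.append(view[1])
    return flagged
```

Run against the sample, the check reports the "default" view; it reports nothing once the hint zone is gone, which matches the behaviour tested on the snapshot.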