Cannot forward/proxy request outside of zone

Any ideas? Thank you!

Corefile:

```
corp.com {
  file /Users/xxxx/dns/corp.com
  bind xxx.xxx.xxx.xxx
  errors stdout
  log stdout
  proxy . 8.8.8.8:53
  cache
}
```


Zone file:

```
$TTL 1800
$ORIGIN corp.com.
@ 1D IN SOA ns01.corp.com. admin.corp.com. (
        1282630061 ; Serial
        4H ; Refresh
        1H ; Retry
        7D ; Expire
        4H ; Negative Cache TTL
        )

        IN NS ns01.corp.com.

ns01    IN A xxx.xxx.xxx.xxx

nsdev   IN A xxx.xxx.xxx.xxx
        IN AAAA xxxx:xxxx:xxxx:xxxx::xxxx
```


Dig:

```
; <<>> DiG 9.8.3-P1 <<>> @xxx.xxx.xxx.xxx A +short
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
dig @xxx.xxx.xxx.xxx A +short
dig @xxx.xxx.xxx.xxx

; <<>> DiG 9.8.3-P1 <<>> @xxx.xxx.xxx.xxx
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 49484
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.google.com. IN A

;; Query time: 42 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Sun Apr 16 08:26:31 2017
;; MSG SIZE rcvd: 32
```


STDOut:

```
2017/04/16 08:26:30 [INFO] "A IN ." - No such zone at dns://xxx.xxx.xxx.xxx:53 (Remote: xxx.xxx.xxx.xxx:57582)
```

Yes, this is because the zone stanza is for corp.com, so the proxy will only see corp.com, but this is picked up by file before. If we want this you’ll need the proxy stanza on its own:

```
corp.com {
  # ...
}

. {
  proxy . 8.8.8.8:53
}
```

(FYI: three backticks (`) on their own line delimit code blocks :wink: )
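
A simplified model of the zone matching described in the answer above, as an added example that is not part of the original thread and not CoreDNS's own code: each query goes to the server block whose zone is the longest suffix of the query name, and a name with no enclosing block is answered REFUSED. The Corefile parser, the function names and the 192.0.2.53 address are assumptions made for illustration.

```python
import re

# Constructed Corefiles modelled on the thread; 192.0.2.53 is a placeholder address.
ORIGINAL = """
corp.com {
  file /Users/xxxx/dns/corp.com
  bind 192.0.2.53
  proxy . 8.8.8.8:53
  cache
}
"""
FIXED = ORIGINAL.replace("  proxy . 8.8.8.8:53\n", "") + """
. {
  proxy . 8.8.8.8:53
}
"""

def normalize(name):
    """Lower-case and make fully qualified: 'Corp.com' -> 'corp.com.', '.' -> '.'."""
    return name.lower().rstrip(".") + "."

def parse_corefile(text):
    """Map each server block's zone to the plugin names listed in its body."""
    blocks = {}
    for zones, body in re.findall(r"([^\s{}][^{}]*?)\s*\{([^{}]*)\}", text):
        plugins = [ln.split()[0] for ln in body.splitlines()
                   if ln.strip() and not ln.strip().startswith("#")]
        for zone in zones.split():
            blocks[normalize(zone)] = plugins
    return blocks

def route(blocks, qname):
    """Return the most specific configured zone enclosing qname, or None (REFUSED)."""
    labels = [l for l in normalize(qname).split(".") if l]
    for i in range(len(labels) + 1):          # strip leading labels one at a time
        zone = ".".join(labels[i:]) + "."      # the last candidate is the root zone "."
        if zone in blocks:
            return zone
    return None

def handler(blocks, qname):
    """(zone, plugins) for the block that serves qname, or ('REFUSED', [])."""
    zone = route(blocks, qname)
    return (zone, blocks[zone]) if zone else ("REFUSED", [])

if __name__ == "__main__":
    for label, text in (("original", ORIGINAL), ("fixed", FIXED)):
        blocks = parse_corefile(text)
        for q in ("www.google.com", "nsdev.corp.com", "."):
            print(f"{label:8} {q:16} -> {handler(blocks, q)}")
```
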

ah, thanks! (why no markdown!!!??)

That is markdown! Right? :confused: Markdown Cheatsheet · adam-p/markdown-here Wiki · GitHub

~~~ is usually also supported: CommonMark Spec

Huh, never seen that before. I guess you could file an issue with Discourse to support CommonMark.
