I have inherited a 4.0.6 PowerDNS deployment that is used to serve a private zone in a lab environment. I am in the process of migrating this environment to AWS and need PowerDNS to forward aws.internal.lan to a set of Route53 inbound resolvers. It seems that I should be able to do this by using "forward-zones-recurse" in the recursor, but I can't seem to get this to work with the current setup.

pdns.conf:

daemon=no
max-tcp-connections=1000
guardian=no
setuid=pdns
setgid=pdns
launch=gpgsql
allow-recursion=127.0.0.0/8, 10.0.0.0/8
recursor=127.0.0.1:5353
local-address=0.0.0.0
local-port=53
master=no
slave=yes
slave-cycle-interval=60
gpgsql-host=127.0.0.1
gpgsql-dbname=pdns
gpgsql-user=redacted
gpgsql-password=redacted
api-key=redacted
webserver=yes
webserver-address=0.0.0.0
webserver-port=8081

recursor.conf:

setuid=pdns-recursor
setgid=pdns-recursor
allow-from=127.0.0.0/8
local-address=127.0.0.1
local-port=5353
forward-zones-recurse=aws.internal.lan=10.162.67.202;10.162.73.199

The issue is that pdns does not forward the zone to the Route53 resolvers. I can confirm that if I do a dig @127.0.0.1 -p 5353 aws.internal.lan, the recursor returns the correct record, but I can only query the recursor from the local ns server. Shouldn't the authoritative server listening on port 53 forward that request to the recursor listening on port 5353?

It seems like this should just work, but perhaps I am missing something. I'm using an older version of pdns as you can see from my config, and I can't seem to find any documentation on this older version. Any idea what I'm doing wrong here?

yossarian2004

0 Answers