1

I am using PowerDNS on a Linux box (Debian 6).

I would like to set up the PowerDNS server to resolve all externally unresolved DNS queries to a given, internal host. Is this possible? How is it done? I think it's necessary to use pdns-recursor, but my configuration file doesn't work!

I use MySQL for the backend.

I manually added google.com and it works, but if I delete the entry I get "server failed"; the root DNS (or ISP DNS) doesn't answer me.

red eyes dev

3 Answers

1

On Debian

apt-get install pdns-recursor

will probably provide what you want. The recursor will bind to 127.0.0.1 and only listen there by default so you will be fine regarding protection against the aforementioned DNS amplification attacks.

You might also want to read http://cr.yp.to/djbdns/separation.html as to why those two functions are provided by separate programs.

BIND simply does it wrong.

ZaphodB
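Added example, not part of the answer above and not PowerDNS project code: a small audit of a recursor.conf that reports when the recursor has been moved off the loopback listener while its client ACL still admits non-internal networks, which is the open-resolver condition behind DNS amplification. `local-address` and `allow-from` are the recursor's settings; the default `allow-from` value, the helper names and the sample configurations are assumptions made for this sketch, and listener entries are assumed to be plain IP addresses without a port suffix.

```python
import ipaddress

# Values assumed when a key is absent: the loopback listener the answer
# describes, and an allow-from limited to loopback and private ranges.
DEFAULTS = {"local-address": "127.0.0.1",
            "allow-from": "127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16"}
# Ranges treated as internal for this check (loopback, RFC 1918, IPv6 local).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]

def parse_conf(text):
    """Parse recursor.conf-style key=value lines; '#' starts a comment."""
    conf = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def items(value):
    """Split a comma- or space-separated setting into its entries."""
    return value.replace(",", " ").split()

def is_internal(net):
    return any(net.version == r.version and net.subnet_of(r) for r in INTERNAL)

def audit(text):
    """Return findings; an empty list means no open-resolver exposure."""
    conf = parse_conf(text)
    exposed = [a for a in items(conf["local-address"])
               if not ipaddress.ip_address(a).is_loopback]
    if not exposed:
        return []  # loopback only: unreachable from other hosts
    nets = items(conf["allow-from"])
    if not nets:
        return ["allow-from is empty, so no client ACL is configured"]
    return [f"listens on {', '.join(exposed)} and allow-from admits {n}"
            for n in nets
            if not is_internal(ipaddress.ip_network(n, strict=False))]

# Constructed sample configurations, not taken from the question.
OPEN = "local-address=0.0.0.0\nallow-from=0.0.0.0/0\n"
LAN = "local-address=192.168.1.10  # intranet only\nallow-from=192.168.1.0/24, 127.0.0.0/8\n"

if __name__ == "__main__":
    for name, sample in (("default", ""), ("open", OPEN), ("lan", LAN)):
        print(name, audit(sample) or "ok")
```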
0

This doesn't answer your literal question, but maybe all you really need is to throw a bunch of entries in your /etc/hosts file?

James T Snell
  • Since xe has PowerDNS, xe has no need to muck around with `/etc/hosts` files. The DNS was, after all, introduced in the early 1980s in order to render (public) hosts files obsolete; and PowerDNS is capable of being a content DNS server. – JdeBP Jun 26 '11 at 01:00
  • @JdeBP Okay, cool, just thought I'd throw that out there. Just in case a simple answer like that had been overlooked. Thanks! – James T Snell Jun 27 '11 at 16:53
0

PowerDNS is not designed to provide recursive results. It is intended to act only as an authoritative server for the domains it serves. This implies it will be serving domain data to other hosts.

You could add the Recursor module but I would recommend only using it on intranets. It may have appropriate security to prevent it from being used for DNS amplification attacks.

The easiest method to resolve your issue is to configure your /etc/resolv.conf file to use external servers to resolve DNS. You can use your servers from your ISPs, Google's, OpenDNS, or others. You should check that you can access your PowerDNS server on its published nameserver address (which may not be your host's address). Otherwise you will have to rely on your backup nameservers for local access.

BillThor
  • PowerDNS recursor is not actually a module but a separate program; it just happens to use part of the source code that PowerDNS Server relies on and hence is shipped within the same source code tarball, but as separate daemons in various packaging formats. – ZaphodB Jul 27 '11 at 12:51