I'm having issues with powerdns-recursor (version 3.5.3-1ubuntu0.1, Ubuntu 14.04) returning SERVFAIL when the queried root server is down. I'd think it would query another one, but instead it just returns SERVFAIL...

Currently b.root-servers.net (199.9.14.201) is down (at least for me):

# dig google.com @199.9.14.201

; <<>> DiG 9.9.5-3ubuntu0.17-Ubuntu <<>> google.com @199.9.14.201
;; global options: +cmd
;; connection timed out; no servers could be reached

and my local server varies between returning SERVFAIL and a good result. This result seems to come from the packet cache.

I set up a local pdns-recursor on our Nagios monitoring machine and use it in /etc/resolv.conf to make sure that Nagios sees DNS zone or server problems quickly (otherwise it can take a day or more before a problem is detected). My /etc/powerdns/recursor.conf is:

local-address=127.0.0.1, ::1
local-port=53
max-cache-ttl=60
quiet=no
setgid=pdns
setuid=pdns

I can't seem to figure out how to make PowerDNS try other root servers on SERVFAIL. It makes no sense to me that it would return SERVFAIL to the client when one of the queried root servers is down.

Edit: I have upgraded the server to 16.04, with PowerDNS 4.0. I blocked root server B with ip(6)tables for a day, and it seems to have no ill effects. So, this version seems to deal with it better.

Halfgaar
  • The 3.5 branch is almost 5 years old, and has been unsupported for most of those five years. We (PowerDNS) strongly recommend upgrading to the most recent version (4.1.1). https://repo.powerdns.com/ has packages for Ubuntu 14.04. I suspect it will behave much better in your situation. – Habbie Mar 04 '18 at 17:12
  • Alright, I'll look into upgrading, and testing by blocking some root servers. – Halfgaar Mar 06 '18 at 09:17
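
An added example, not part of the original post and not PowerDNS code: a small Nagios-style probe that sends several queries to the local recursor and tallies the response codes, so intermittent SERVFAIL like that described in the question shows up as a WARNING instead of depending on a single lucky or unlucky lookup. The function names, the default of 10 queries, the 3-second timeout and the exit-code mapping are assumptions made for this sketch.

```python
import random
import socket
import struct
import sys
from collections import Counter

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1, txid=None):
    """Build a minimal DNS query: RD set, one question, class IN."""
    txid = random.randrange(65536) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_rcode(query, response):
    """Return the RCODE name, or 'MISMATCH' if the reply is not for our query."""
    if len(response) < 12 or response[:2] != query[:2]:
        return "MISMATCH"
    flags = struct.unpack("!H", response[2:4])[0]
    if not flags & 0x8000:  # QR bit must be set on a response
        return "MISMATCH"
    return RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))

def probe(name, server="127.0.0.1", port=53, count=10, timeout=3.0):
    """Send `count` UDP queries to the recursor and tally the outcomes."""
    tally = Counter()
    for _ in range(count):
        query = build_query(name)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            try:
                sock.sendto(query, (server, port))
                tally[parse_rcode(query, sock.recv(4096))] += 1
            except OSError:  # includes timeouts and ICMP port unreachable
                tally["TIMEOUT"] += 1
    return tally

def nagios_status(tally):
    """Map a tally to a Nagios exit code: 0 OK, 1 WARNING, 2 CRITICAL."""
    total, good = sum(tally.values()), tally.get("NOERROR", 0)
    if total == 0 or good == 0:
        return 2
    return 0 if good == total else 1

if __name__ == "__main__":
    result = probe("google.com")
    print("DNS probe:", dict(result))
    sys.exit(nagios_status(result))
```

Repeated queries for the same name can be answered from the recursor's cache, so spreading the probes over time or over several names gives a better picture of upstream resolution.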

1 Answer

You must add your root server in the hint-file in /etc/powerdns/recursor.conf.
Add your root master or slaves in the hint-file as below:

.                          360000000      NS    my-dns-root-server.com

my-dns-root-server.com     360000000      A     {your root server ip}