handshake-org / hnsd

Handshake SPV name resolver

Forwarding to hnsd from knot-resolver #80

Open singpolyma opened 2 years ago

singpolyma commented 2 years ago

I am running like this:

hnsd -r 127.0.0.1:5353

And then trying to set up knot-resolver in the obvious way:

policy.add(policy.all(policy.FORWARD({ '127.0.0.1@5353' })))

This results in knot being unable to resolve any name. I see no logs coming out of hnsd, and when I turn on debug logs in knot-resolver it says connection refused. Dig to 5353 directly works fine, but for some reason knot cannot connect. Any guesses what could cause a connection refused like that?

buffrr commented 2 years ago

> This results in knot being unable to resolve any name

Are you getting SERVFAIL? Can you try using +cd? Do you get an answer?

dig @knot-resolver-ip 3b +cd

Using hnsd with knot resolver + DNSSEC validation isn't that easy at the moment. PR #76 will fix this, but you can use hsd for now, which already has DNSSEC cleaned up. You still need to replace ICANN's root KSK (example).

If you don't care about DNSSEC, try this instead (not recommended):

policy.add(policy.all(policy.STUB({ '127.0.0.1@5353' })))
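
The `+cd` comparison suggested in the reply above, as an added example that is not part of the original thread or of hnsd: it builds the same question with and without the Checking Disabled bit and classifies the two replies. The function names and the sample replies are constructed for illustration; `ask` is for use against a live resolver.

```python
import socket
import struct

QR, RD, CD = 0x8000, 0x0100, 0x0010   # DNS header flag bits
SERVFAIL = 2

def build_query(name, qtype=1, cd=False, qid=0x1234):
    """Wire-format query; cd=True sets Checking Disabled, as dig +cd does."""
    header = struct.pack("!HHHHHH", qid, RD | (CD if cd else 0), 1, 0, 0, 0)
    labels = [p.encode("ascii") for p in name.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def rcode(msg):
    """Return the RCODE of a DNS response, rejecting non-responses."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    flags = struct.unpack("!H", msg[2:4])[0]
    if not flags & QR:
        raise ValueError("not a response")
    return flags & 0x000F

def diagnose(plain_reply, cd_reply):
    """Compare replies to the same question sent without and with CD."""
    plain, cd = rcode(plain_reply), rcode(cd_reply)
    if plain != SERVFAIL:
        return "resolver answered"
    if cd != SERVFAIL:
        return "dnssec validation failure"   # data reachable, validation rejects it
    return "upstream failure"                # fails even with checking disabled

def ask(server, port, msg, timeout=3.0):
    """Send one query over UDP (live use only; not exercised offline)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(msg, (server, port))
        return s.recvfrom(4096)[0]

def constructed_reply(query, code):
    """Constructed sample reply: echo the question with QR set and an RCODE."""
    qid, flags = struct.unpack("!HH", query[:4])
    head = struct.pack("!HHHHHH", qid, QR | (flags & (RD | CD)) | code, 1, 0, 0, 0)
    return head + query[12:]

if __name__ == "__main__":
    q, qcd = build_query("3b"), build_query("3b", cd=True)
    print(diagnose(constructed_reply(q, SERVFAIL), constructed_reply(qcd, 0)))
```

A "connection refused" seen by the resolver never reaches this comparison, since no DNS reply comes back to classify.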