Hi Stefan,
Maybe I'm overlooking something, but do you have the dynamic.estada.ch zone
configured?
Cannot you simply remove `dynamic.estada.ch. NS dynamic.estada.ch.` delegation?
Daniel
On 6/5/26 17:53, Stefan Estada wrote:
Hi all
I am having trouble forwarding a subdomain since I upgraded to the latest knot.
For a couple of years I have been running a custom DNS server under dynamic.estada.ch
that the clients find via my regular infrastructure.
On my primary zone I have these records, but knot appears to answer weirdly:
*estada.ch.zone*
dynamic.estada.ch. 3600 A 185.194.239.135
dynamic.estada.ch. 3600 AAAA 2a0a:51c0::12b
dynamic.estada.ch. 3600 NS dynamic.estada.ch.
kdig AAAA dynamic.estada.ch @ns1.estada.ch
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 29173
;; Flags: qr rd; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 3
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR
;; QUESTION SECTION:
;; dynamic.estada.ch. IN AAAA
;; AUTHORITY SECTION:
dynamic.estada.ch. 3600 IN NS dynamic.estada.ch.
;; ADDITIONAL SECTION:
dynamic.estada.ch. 3600 IN A 185.194.239.135
dynamic.estada.ch. 3600 IN AAAA 2a0a:51c0::12b
But public servers don't get the glue records:
kdig AAAA dynamic.estada.ch @9.9.9.9
;; ->>HEADER<<- opcode: QUERY; status: SERVFAIL; id: 63899
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 1
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR
;; QUESTION SECTION:
;; dynamic.estada.ch. IN AAAA
The trouble is that most resolvers are now unable to resolve the domain as the AAAA and A
queries still get answered with NS + additional A+AAAA.
Is there a configuration option to tell knot to actually respond with the A or AAAA
record when asked?
Also ANY, TXT, or CAA queries behave the same as NS queries:
kdig ANY dynamic.estada.ch @ns1.estada.ch
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 14419
;; Flags: qr rd; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 3
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 1232 B; ext-rcode: NOERROR
;; QUESTION SECTION:
;; dynamic.estada.ch. IN ANY
;; AUTHORITY SECTION:
dynamic.estada.ch. 3600 IN NS dynamic.estada.ch.
;; ADDITIONAL SECTION:
dynamic.estada.ch. 3600 IN A 185.194.239.135
dynamic.estada.ch. 3600 IN AAAA 2a0a:51c0::12b
I am happy for any pointers you may have.
Cheers,
Stefan
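Added example, not part of either message and not Knot DNS code: kdig output like that quoted above can be classified mechanically, because in DNS a NOERROR response with no `aa` flag, no answer records and an NS record in the authority section is a referral to a delegated zone rather than an answer. The sample inputs are constructed from the quoted output (EDNS lines omitted, whitespace restored), and the function names `parse_kdig` and `classify` are hypothetical.

```python
import re

# Constructed samples: the kdig responses quoted above, whitespace restored.
REFERRAL = """\
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 29173
;; Flags: qr rd; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 3
;; QUESTION SECTION:
;; dynamic.estada.ch. IN AAAA
;; AUTHORITY SECTION:
dynamic.estada.ch. 3600 IN NS dynamic.estada.ch.
;; ADDITIONAL SECTION:
dynamic.estada.ch. 3600 IN A 185.194.239.135
dynamic.estada.ch. 3600 IN AAAA 2a0a:51c0::12b
"""
SERVFAIL = """\
;; ->>HEADER<<- opcode: QUERY; status: SERVFAIL; id: 63899
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 1
"""

def parse_kdig(text):
    # Collect the status, the header flags and the records of each section.
    msg = {"status": None, "flags": set(), "sections": {}}
    section = None
    for line in map(str.strip, text.splitlines()):
        if m := re.search(r"status: (\w+);", line):
            msg["status"] = m.group(1)
        elif m := re.match(r";; Flags: ([a-z ]*);", line):
            msg["flags"] = set(m.group(1).split())
        elif m := re.match(r";; (\w+) SECTION:", line):
            section = msg["sections"].setdefault(m.group(1), [])
        elif line and not line.startswith(";") and section is not None:
            owner, _ttl, _cls, rtype, rdata = line.split(None, 4)
            section.append((owner.lower(), rtype, rdata.lower()))
    return msg

def classify(text):
    # Returns (kind, detail, nameservers that come with glue addresses).
    msg = parse_kdig(text)
    sec = msg["sections"]
    if msg["status"] != "NOERROR":
        return ("failure", msg["status"], [])
    if sec.get("ANSWER"):
        return ("answer", "aa" in msg["flags"], [])
    ns = [r for r in sec.get("AUTHORITY", []) if r[1] == "NS"]
    if ns and "aa" not in msg["flags"]:
        glue = {o for o, t, _ in sec.get("ADDITIONAL", []) if t in ("A", "AAAA")}
        return ("referral", ns[0][0], sorted({d for _, _, d in ns if d in glue}))
    return ("nodata", None, [])
```

For a referral, the second element is the owner name of the delegation and the third lists the nameservers for which the response carried address records.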