Hi,

I am not able to force knot-resolver to forward some queries.

I have real DNS zone and in internal network I have few 3rd level subzones.
For them I would like to make my kresd forward queries to our internal DNS server (bind9).

My computer is not inside company nework - connected via openvpn.
System is ubuntu 18.04.1 (up-to-date) and knot-resolver 3.0.0.

Relevant part of kresd.conf is:

policy.add(policy.suffix(
    policy.FORWARD('10.0.0.1'),{
        todname('sub1.company.cz'),
        todname('sub2.company.cz')
    }
))

dig machine.sub1.company.cz @127.0.0.53     does NOT work,
dig machine.sub1.company.cz @10.0.0.1     DOES work

I have set verbose(true) but with no help.
kresd queries 10.0.0.1 for 'company.cz' only, but that's all.

I am just working on it on my ubuntu workstation,
but real target will be turris omnia with its kresd,
which connects via openvpn to company network.

--
Sincerely
Ivo Panacek