GitLab

Hi,

I switched to Knot from Bind and would like to clear few small questions. I'm using Knot DNS as primary, with OVH as secondary DNS. OVH asks to add an ownercheck subdomain, for verification purposes. I did this but it does not gets resolved. My configuration:

# uname -a
Linux server.domain.com 3.10.0-957.el7.x86_64 #1 SMP Thu Nov 8 23:39:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

# firewall-cmd --permanent --zone=public --add-service=dns
# firewall-cmd --reload

# cat /etc/knot/knot.conf
log:
  - target: syslog
    any: error

server:
    listen: 198.40.136.42@53
    listen: 198.40.136.43@53
    max-udp-payload: 1280
    max-ipv6-udp-payload: 1280
    rundir: /run/knot
    user: knot:knot

zone:
  - domain: domain.com
    storage: /var/lib/knot/zones
    file: domain.com.zone

# cat /var/lib/knot/zones/domain.com.zone
$TTL 1d
$ORIGIN domain.com.
@               IN SOA      ns1.domain.com. hostmaster.domain.com. (
                14          ; serial
                6h          ; refresh
                1h          ; retry
                2w          ; expire
                1d )        ; negative cache
                IN A        198.27.60.138
                IN NS       ns1.domain.com.
                IN NS       ns2.domain.com.
ns1             IN A        198.40.136.42
ns2             IN A        198.40.136.43
ownercheck      IN TXT      d437c164

# systemctl start knot
Mar 20 00:43:46 server systemd: Starting Knot DNS server...
Mar 20 00:43:46 server knotc: Configuration is valid
Mar 20 00:44:36 server systemd: Started Knot DNS server.

I can connect fine to the actual 53 port, from my Mac:

$ nc -z 198.40.136.42 53
Connection to 198.40.136.42 port 53 [tcp/domain] succeeded!

Did I missed something obvious? I don't have Knot Resolver installed.