Instructions on how to install PowerDNS Recursor on macOS 10.12 Sierra.

These commands need to be run from the Terminal.

  1. Installation
  2. Configuration
  3. — Reload config
  4. Clearing the cache
  5. Related stuff

Installation

Install Homebrew

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Install PowerDNS recursor

brew install pdnsrec

Download and install the boot script from this Gist

sudo wget -O /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist 'https://gist.githubusercontent.com/kometchtech/1cda9953aa51c1498183/raw/d85a7b283efef3c605e32d28a8f3ed07a41a2f1b/homebrew.mxcl.pdnsrec.plist'

sudo chown root:wheel /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist

sudo launchctl bootstrap system /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist

sudo launchctl enable system/homebrew.mxcl.pdnsrec

sudo launchctl kickstart system/homebrew.mxcl.pdnsrec

Configuration

Security setting to prevent access from outside and perform DNSSEC validation when requested by the client.

cd /usr/local/etc/powerdns

echo "allow-from=127.0.0.0/8, ::1/128" | cat - recursor.conf-dist | tee > recursor.conf

echo "dnssec=process" | cat - recursor.conf | tee > recursor.conf

Go to System Preferences > Network and select your interface. Then go to Advanced > DNS tab and click the + to add a DNS server. Enter 127.0.0.1

You can further customize the resolver by editing the config file at /usr/local/etc/powerdns/recursor.conf

— Reload config

When you’re done you need to restart the process like this:

sudo launchctl kickstart -k system/homebrew.mxcl.pdnsrec

Clearing the cache

To clear the local cache run:

sudo rec_control wipe-cache

or to clear only one domain zone:

sudo rec_control wipe-cache domain.name

Changelog
2017-07-15 – Added DNSSEC validation, no more reboot required and replaced legacy launchctl commands.
Thanks to Babo D’s Corner for the commands.

Categories: Code

Leave a Reply

Your email address will not be published. Required fields are marked *