Instructions on how to install PowerDNS Recursor on macOS 10.12 Sierra.

These commands need to be run from the Terminal.

  1. Installation
  2. Configuration
  3. — Reload config
  4. Clearing the cache
Install Homebrew

/usr/bin/ruby -e "$(curl -fsSL"

Install PowerDNS recursor

brew install pdnsrec

Download and install the boot script from this Gist

sudo wget -O /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist ''

sudo chown root:wheel /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist

sudo launchctl bootstrap system /Library/LaunchDaemons/homebrew.mxcl.pdnsrec.plist

sudo launchctl enable system/homebrew.mxcl.pdnsrec

sudo launchctl kickstart system/homebrew.mxcl.pdnsrec


Security setting to prevent access from outside and enable DNSSEC validation.

cd /usr/local/etc/powerdns

echo "allow-from=, ::1/128" | cat - recursor.conf-dist | tee > recursor.conf

echo "dnssec=validate" | cat - recursor.conf | tee > recursor.conf

Go to System Preferences > Network and select your interface. Then go to Advanced > DNS tab and click the + to add a DNS server. Enter

You can further customize the resolver by editing the config file at /usr/local/etc/powerdns/recursor.conf

— Reload config

When you’re done you need to restart the process like this:

sudo launchctl kickstart -k system/homebrew.mxcl.pdnsrec

Clearing the cache

To clear the local cache run:

sudo rec_control wipe-cache

or to clear only one domain zone:

sudo rec_control wipe-cache


2017-07-15 – Added DNSSEC validation, no more reboot required and replaced legacy launchctl commands.
Thanks to Babo D’s Corner for the commands.

