Problem solved.
You must put an ACL in named configuration.
Here we have a default Named Configuration in GTM with recursive deactivated.
Code
restrict rndc access to local machines
use the key in the default place: /config/rndc.key
controls {
inet 127.0.0.1 port 953 allow {
127.0.0.1;
};
};
logging {
channel logfile {
syslog daemon;
severity error;
print-category yes;
print-severity yes;
print-time yes;
};
category default {
logfile;
};
category config {
logfile;
};
category notify {
logfile;
};
};
options {
listen-on port 53 {
127.0.0.1;
"zrd-acl-000-000";
};
listen-on-v6 port 53 {
::1;
};
recursion no;
directory "/config/namedb";
allow-transfer {
localhost;
};
check-names master warn;
check-integrity yes;
max-journal-size 1M;
version "none";
};
acl "zrd-acl-000-000" {
127.10.0.0;
};
Code
To activate the recursion, we should change the "no" to "yes" in the line "recursion no". But besides that, we need to add an acl. So, our code will be:
Code
restrict rndc access to local machines
use the key in the default place: /config/rndc.key
controls {
inet 127.0.0.1 port 953 allow {
127.0.0.1;
};
};
logging {
channel logfile {
syslog daemon;
severity error;
print-category yes;
print-severity yes;
print-time yes;
};
category default {
logfile;
};
category config {
logfile;
};
category notify {
logfile;
};
};
options {
listen-on port 53 {
127.0.0.1;
"zrd-acl-000-000";
};
listen-on-v6 port 53 {
::1;
};
recursion yes;
directory "/config/namedb";
allow-transfer {
localhost;
};
check-names master warn;
check-integrity yes;
max-journal-size 1M;
version "none";
allow-recursion {
internal;
};
};
acl "zrd-acl-000-000" {
127.10.0.0;
};
acl "internal" {
0.0.0.0/0;
};
Code
After this configuration, the system starts to accept recursive querys.