I have a follow-up question and a follow-up concern: First, the concern. I run MySQL in master/slave replication mode. I have a master MySQL server that I write to, and the PowerDNS servers connect to the slaves, not the master. Is there some way to tell PowerDNS to send updates to the master, or will I have to change one of the servers to connect to the master and explicitly send updates only to that server?
Second, my question: Is there anyway to customize the queries that PowerDNS uses to update the records? Specifically, I would like to add a flag to records that were added or updated with Dynamic DNS so that my administrative console can differentiate between those and explicit records. Thanks, Nick > On Oct 17, 2020, at 06:22, Nicholas Williams <nicho...@nicholaswilliams.net> > wrote: > > Thanks, everyone! I knew about DDNS and how it works, but I just thought it > was how public hosts that can’t have static IPs update their own DNS records. > I did not realize that DHCP servers employ DDNS to update DNS records on > behalf of DHCP clients. I’ll look into this more, and also post in the VyOS > forums. > > Thanks! > > Nick > >>> On Oct 17, 2020, at 02:49, Brian Candler <b.cand...@pobox.com> wrote: >>> >>> On 17/10/2020 03:22, Nicholas Williams via Pdns-users wrote: >>> Hello all, >>> >>> For background/context, I currently run a geographically-dispersed PowerDNS >>> infrastructure with a MySQL backend publicly, and then on a private network >>> I run PowerDNS Recursor for name resolution. >>> >>> My router software is VyOs <https://www.vyos.io/>, which is the base OS on >>> which UniFi’s router software is based. It is set up to push out the IP >>> addresses for my PowerDNS Recursor servers with DHCP assignments. Recursor >>> has a single authoritative domain for which it uses a hand-coded zone file >>> to serve out the static IPs for all the known hostnames on the internal >>> network. It recurses all other domains. >>> >>> I know that when hosts get DHCP assignments, they can tell the DHCP server >>> what their hostname is, and the DHCP server can do “something” with that. >>> As much as I know about DNS, I find myself not knowing what this protocol >>> is called or how it works. What I would like to do is add/update that host >>> name to the authoritative local domain. I don’t think I can do this with >>> just Recursor (but maybe I’m wrong). I think I will probably need to also >>> run an Authoritative server and point Recursor to that server for the local >>> domain. >>> >>> What I am looking for are any suggestions, tutorials, documentation, or >>> write-ups about how to do this. >> >> For questions along the lines of "how does VyOS's DHCP server interact with >> a DNS server?" you'd be better off asking on a VyOS forum. >> >> FWIW: all DHCP servers I've worked with that interact with DNS work as >> follows: >> >> 1. They receive a DHCP request from the client (which may include a hostname >> that the client requests) >> 2. They assign an IP address from a pool >> 3. They perform a Dynamic DNS update (RFC 2136) for a pre-configured zone, >> inserting the given hostname. >> >> But you said something else: VyOS is "set up to push out the IP addresses >> for my PowerDNS Recursor servers with DHCP assignments". Now, DHCP servers >> *can* give out specific IP addresses to specific clients, with a table of >> assignments to give out. Normally it's done by MAC address, but it can be >> done based on the client-provided hostname. However, if you do it that way >> round, there's no need for dynamic DNS updates, since essentially every >> client gets a static IP address anyway. >> >> From your description I'm also confused as to whether you are giving out >> DHCP addresses to regular clients, or just to the servers where PDNS >> recursor is running. >> >> You also said: >> >>> Recursor has a single authoritative domain for which it uses a hand-coded >>> zone file to serve out the static IPs for all the known hostnames on the >>> internal network. It recurses all other domains. >> >> I presume you mean via the "auth-zones" configuration? That's a frig for a >> handful of statically configured addresses, and you won't be able to do >> dynamic DNS updates on that. If you need DDNS updates with powerdns then >> you need a separate pdns-authoritative server with a database backend, and >> you'd forward the zone to that, just as you said. (It has to be a database >> backend - pdns-auth's BIND backend doesn't accept DDNS updates). >> >> Depending on the specifics of VyOS's DHCP server, the likely configuration >> is to set up a PDNS zone which can be updated using a TSIG key for >> authentication, and put that into the VyOS DHCP server. If the VyOS DHCP >> server can do that, then there's no need for LUA scripting. >> >> >>> I think I can probably hack a non-standard solution with a Lua script that >>> runs on my router to execute a command to update a host MySQL record every >>> time a DHCP assignment happens, but I am hoping that there is an >>> accepted/standard/common way of doing this that I don’t know about. >>> >> For the pdns side, see https://docs.powerdns.com/authoritative/dnsupdate.html >> >> I can't speak to specifics of VyOS, but "dynamic DNS updates", "TSIG", >> "RFC2136" may be useful search terms when going through their documentation. >> >> Regards, >> >> Brian. >> _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
