On 2024/10/07 21:17, Michel Otte wrote:
> You have left out quite a few details from your setup. What PowerDNS
> version are you running?

PDNS 4.6.3

> What backend [1] did you configure on the PowerDNS auth side?

SQLite3

> What other commands did you run to set up the secondary zone?

I installed the PowerDNS-Admin Web frontend and simply used the UI to
add domains as they get created. I select that the zone is a secondary,
tell it where the master is, pull the domain from the master, and that's it.

> From the context you provide, I take it you are trying to set up
> PowerDNS to become a secondary nameserver that receives zone transfers
> from a primary BIND nameserver.

Yes

> Please start by reading the PowerDNS modes of operation section [2]
> from the manual if not already done so, specifically the part that
> discusses secondary operation [3]. Next, make sure the domain you want
> PowerDNS to be secondary for is actually created on the PowerDNS side,
> for secondary operation [4].

I have 9 domains set up as secondaries and they work fine as far as I
can tell when I manually tell any one domain to sync with the master.

> PowerDNS also has something that's called auto-primary mode [5], which
> allows a primary nameserver to "provision" a PowerDNS secondary
> nameserver, or let PowerDNS automatically discover new zones it should
> be authoritative for. This functionality was known as "supermaster",
> but has been renamed in recent versions.

That sounds interesting, I'll read up on that.

From what I've learned up to now, the actual domain record contains the
address of the master, and even if an update is triggered via notify, it
will not be done if the master IP address doesn't match the IP address
in the domain record. Is that correct? If so, it leads me to the next
question, which is: Is there any way in which I can add a second master
IP address to the record?

I suppose I can attempt to redo a secondary zone file and use the LAN
(internal) address? The problem is though that PDNS has a public IP
address and is not NAT'ted, so I don't think the LAN IP address of the
master is visible to PDNS.

Ideas?

> Hopefully this helps. With kind regards,
> Michel Otte
>
> [1]: https://doc.powerdns.com/authoritative/backends/
> [2]: https://doc.powerdns.com/authoritative/modes-of-operation.html
> [3]: https://doc.powerdns.com/authoritative/modes-of-operation.html#secondary-operation
> [4]: https://doc.powerdns.com/authoritative/backends/generic-sql.html#secondary-operation
> [5]: https://doc.powerdns.com/authoritative/backends/generic-sql.html#autoprimary-operation
> Roland Giesler via Pdns-users <pdns-users@mailman.powerdns.com>:
>
>> I'm running my primary DNS on Power Mail-in-a-Box, which runs BIND9's
>> NAMED and sends notifications when a domain's zone file changes.
>>
>> I have set PowerDNS's config to accept these from the LAN and Public ip
>> of the master, but I see this error in syslog. (The DNS is a NAT'ted
>> server)
>>
>> Oct 7 17:13:43 PowerDNS pdns_server[125]: Received NOTIFY for fast.za.net from 192.168.131.102 which is not a master (Refused)
>> Oct 7 17:13:43 PowerDNS pdns_server[125]: message repeated 9 times: [ Received NOTIFY for fast.za.net from 192.168.131.102 which is not a master (Refused)]
>>
>> My config file has:
>>
>> allow-axfr-ips=197.214.119.180/32,192.168.131.0/24,127.0.0.0/8,::1,169.255.79.10/24
>> allow-notify-from=197.214.119.180/32,192.168.131.0/24,::/0
>>
>> What should I do to allow the changes onto PowerDNS?
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
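
Added example, not part of the original thread and not PowerDNS code: a small diagnostic that takes the refused-NOTIFY syslog line and the `allow-notify-from` value quoted above and reports, per refusal, whether the source passed the global ACL and whether it appears in the zone's own master list. The reduced `domains` table, the stored master address, and the comma-separated form for several masters are assumptions made for the illustration.

```python
import ipaddress
import re
import sqlite3

# Log line format and allow-notify-from value are taken from the thread.
ALLOW_NOTIFY_FROM = "197.214.119.180/32,192.168.131.0/24,::/0"
SYSLOG = (
    "Oct 7 17:13:43 PowerDNS pdns_server[125]: Received NOTIFY for "
    "fast.za.net from 192.168.131.102 which is not a master (Refused)\n"
)
REFUSED = re.compile(
    r"Received NOTIFY for (?P<zone>\S+) from (?P<src>\S+) which is not a master"
)

def sample_backend():
    """Constructed stand-in for the SQLite 'domains' table (columns reduced)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE domains (name TEXT, master TEXT, type TEXT)")
    # Assumption: the zone was created with only the primary's public address.
    db.execute("INSERT INTO domains VALUES ('fast.za.net', '197.214.119.180', 'SLAVE')")
    return db

def in_acl(addr, acl):
    """True if addr falls inside any network of a comma-separated ACL."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(n.strip(), strict=False) for n in acl.split(","))

def zone_masters(db, zone):
    row = db.execute("SELECT master FROM domains WHERE name = ?", (zone,)).fetchone()
    # Assumed format: one or more addresses separated by commas or spaces.
    return [m for m in re.split(r"[,\s]+", row[0] or "") if m] if row else []

def diagnose(log, acl, db):
    """One finding per refused NOTIFY: which of the two checks the source fails."""
    findings = []
    for m in REFUSED.finditer(log):
        masters = zone_masters(db, m["zone"])
        findings.append({
            "zone": m["zone"], "source": m["src"],
            "passes_allow_notify_from": in_acl(m["src"], acl),
            "listed_as_master": m["src"] in masters,
            "configured_masters": masters,
        })
    return findings

if __name__ == "__main__":
    for finding in diagnose(SYSLOG, ALLOW_NOTIFY_FROM, sample_backend()):
        print(finding)
```

A finding with `passes_allow_notify_from` true and `listed_as_master` false means the global ACL is not what refused the NOTIFY; the source address is missing from the zone's own master list.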