I am getting errors with my configuration of dnsdist. I want to provide authoritative DNS for several hundred public domains, for which I understand recursion is required, yet (as of version 4.1.0), PowerDNS Authoritative Server no longer allows recursion. For recursion, I understand I need to install PowerDNS Recursor (v 4.5.X) and dnsdist (v 1.6.X) in addition to PowerDNS Authoritative Server (v 4.4.X), following the migration plan scenario 2 under https://doc.powerdns.com/authoritative/guides/recursion.html.
Following the above guide, I have installed all 3 applications:

- systemctl status pdns.service is reporting the PowerDNS Authoritative Server is Active: active (running)
- as per the guide, I have added to pdns.conf:

    local-address=127.0.0.1
    local-port=5300

- systemctl status pdns-recursor.service is reporting the PowerDNS Recursor is Active: active (running)
- as per the guide, I have added to recursor.conf:

    local-address=127.0.0.1
    local-port=5301

- systemctl status dnsdist.service is reporting dnsdist is Active: activating (auto-restart) (Result: exit-code) ... --check-config (code=exited, status=1/FAILURE)
- as per the guide, I have created dnsdist.conf:

    setLocal('IPADDRESS:PORT')
    addLocal('ANOTHERIPADDRESS:PORT')
    setACL({'0.0.0.0/0', '::/0'}) -- Allow all IPs access
    newServer({address='127.0.0.1:5300', pool='auth'})
    newServer({address='127.0.0.1:5301', pool='recursor'})
    recursive_ips = newNMG()
    recursive_ips:addMask('NETWORKMASK1') -- These network masks are the ones from allow-recursion in the Authoritative Server
    recursive_ips:addMask('NETWORKMASK2')
    addAction(NetmaskGroupRule(recursive_ips), PoolAction('recursor'))
    addAction(AllRule(), PoolAction('auth'))

These are installed on an Ubuntu 20.04 server with private IP address 192.168.1.2 inside a router with TCP/UDP port 53 forwarded to 192.168.1.2 from the external public IP address 207.177.51.156 (ns2.opensourceserver.io). So in the above config, I replaced IPADDRESS:PORT with 192.168.1.2:53 and deleted the 2nd line "addLocal('ANOTHERIPADDRESS:PORT')". I do not understand with what I should replace the NMG, NETWORKMASK1, NETWORKMASK2, and the remaining config (or if I should just delete it if I have no network masks)?

When I dig opensourceserver.io @ns2.opensourceserver.io, I either get "connection timed out; no servers could be reached" or "status: SERVFAIL" from different Internet locations. I have also consulted the documentation at https://dnsdist.org/, without any real edification.

Is there any good (comprehensive) tutorial on PDNS? The only things I can find on Google are tutorials like https://kifarunix.com/easily-install-and-setup-powerdns-on-ubuntu-20-04/, which are completely out of date. Any help would be appreciated.

Steve Garner
+1 302 364 0325 (USA)
stevenjgar...@gmail.com
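
A small check for the dnsdist.conf quoted in the message above, added here as an example (it is not part of the original post and not PowerDNS or dnsdist code): it flags setLocal/addLocal/addMask arguments that are still template placeholders, and any netmask that would route every client to the recursor pool. The function names and the sample config, reconstructed from the edits the post describes, are assumptions.

```python
import ipaddress
import re

# Constructed sample: the post's dnsdist.conf after the edits it describes.
SAMPLE_CONF = """
setLocal('192.168.1.2:53')
setACL({'0.0.0.0/0', '::/0'}) -- Allow all IPs access
newServer({address='127.0.0.1:5300', pool='auth'})
newServer({address='127.0.0.1:5301', pool='recursor'})
recursive_ips = newNMG()
recursive_ips:addMask('NETWORKMASK1')
recursive_ips:addMask('NETWORKMASK2')
addAction(NetmaskGroupRule(recursive_ips), PoolAction('recursor'))
addAction(AllRule(), PoolAction('auth'))
"""

# Calls whose single-quoted first argument must be an address or a netmask.
CALL = re.compile(r"(setLocal|addLocal|addMask)\(\s*'([^']*)'")

def is_ip(text):
    try:
        ipaddress.ip_address(text.strip("[]"))
        return True
    except ValueError:
        return False

def valid_listen(value):  # IP, IPv4:port or [IPv6]:port
    host, _, port = value.rpartition(":")
    return is_ip(value) or (is_ip(host) and port.isdigit() and 0 < int(port) < 65536)

def audit(conf):
    """Return (line_number, message) findings for a dnsdist.conf text."""
    findings = []
    for n, raw in enumerate(conf.splitlines(), 1):
        line = raw.split("--", 1)[0]  # drop Lua line comments
        for func, arg in CALL.findall(line):
            if func == "addMask":
                try:
                    net = ipaddress.ip_network(arg, strict=False)
                except ValueError:
                    findings.append((n, f"addMask: '{arg}' is not a netmask"))
                    continue
                if net.prefixlen == 0:  # matches all clients: open resolver
                    findings.append((n, f"addMask: '{arg}' sends every client to the recursor pool"))
            elif not valid_listen(arg):
                findings.append((n, f"{func}: '{arg}' is not an address:port"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF), sep="\n")
```
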