Re: [Pdns-users] Hidden slave doesn't retreive domain from master
On Thu, 2011-08-25 at 21:42 +0200, Posner, Sebastian wrote: Enrico van Goor wrote: Aug 25 13:22:44 Unable to find backend willing to host example.org for potential supermaster 10.12.3.50 The IP of the nameserver isn't is the NS records of the domain and isn't meant to. When I do add the NS record, the AXFR does work. The supermasters table needs an entry for the hidden master. Something like: ip nameserver account hidden master ipname of primary nameserverinternal Do you already have such an entry? Yes, the supermasters table does have an entry for the hidden master. The problem is in your backend. Not all backends support superslave-operations, as this mode needs the ability to dynamically create new zones. Which backend(s) do you use and how are they configured? I use MySQL as the backend for powerdns. I think is is well configured, because when I add the NS record of the slave to the domain it is added to the hidden slave. allow-recursion=0.0.0.0/0 allow-axfr-ips=10.12.3.50 config-dir=/etc/powerdns daemon=yes disable-axfr=yes disable-tcp=no guardian=yes launch=gmysql lazy-recursion=yes local-address=10.12.3.52 local-port=53 module-dir=/usr/lib/powerdns setgid=pdns setuid=pdns master=yes slave=yes slave-cycle-interval=60 socket-dir=/var/run version-string=powerdns gmysql-host=127.0.0.1 gmysql-user=poweradmin gmysql-password=secret gmysql-dbname=powerdns gmysql-supermaster-query=select account from supermasters where ip='%s' mysql select * from supermasters; ++--+-+ | ip | nameserver | account | ++--+-+ | 10.12.3.50 | master.example.com | admin | ++--+-+ 1 row in set (0.00 sec) Regards, Enrico ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden slave doesn't retreive domain from master
Ton van Rosmalen wrote: snip mysql select * from supermasters; ++--+-+ | ip | nameserver | account | ++--+-+ | 10.12.3.50 | master.example.com | admin | ++--+-+ 1 row in set (0.00 sec) Maybe I'm mistaken again but if this the non-changed output of the query you need to change the nameserver-record. AFAIK this must contain the name of the primary nameserver-name (or maybe a valid nameservers) as available in the zone. For example, if you use ns1.solcon.nl as primary NS-record you need to have 'ns1.solcon.nl' as the nameserver-record in de supermasters-table. In this regard, primary nameserver is the nameserver mentioned in the SOA of the zone. So it's not necessarily the first NS-record in the zone; it doesn't even need to be part of the NS-Set at all. @bert hubert: If the log-message Enrico gave in his original message is what is logged in this case, developer should think about improving the information content of the log-message to prevent error-seeking in wrong places ;) kind regards, Sebastian -- Sebastian Posner Unix-Systemspezialist AM Data Center Services, Shared Infrastructure Deutsche Telekom AG, Products Innovation ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden slave doesn't retreive domain from master
Hi Ton, On Fri, 2011-08-26 at 14:48 +0200, Ton van Rosmalen wrote: Hi Enrico, Op 26-8-2011 14:23, Enrico van Goor schreef: On Thu, 2011-08-25 at 21:42 +0200, Posner, Sebastian wrote: snip mysql select * from supermasters; ++--+-+ | ip | nameserver | account | ++--+-+ | 10.12.3.50 | master.example.com | admin | ++--+-+ 1 row in set (0.00 sec) Maybe I'm mistaken again but if this the non-changed output of the query you need to change the nameserver-record. AFAIK this must contain the name of the primary nameserver-name (or maybe a valid nameservers) as available in the zone. For example, if you use ns1.solcon.nl as primary NS-record you need to have 'ns1.solcon.nl' as the nameserver-record in de supermasters-table. I'm testing anycast in combination with powerdns. The IP-addressen in the NS records are configured in a BGP domain on a few routers. The DNS have a real IP which is different from the IP addressen advertised in the domain records. That's why I use the also-notify option. I'm not testing on our production platform, but in a lab. master.example.com Is the supermaster in my lab. This needs to be hidden from the internet and is used to provision the superslaves. The superslaves are accessed through the anycast addresses, which pass the DNS request to 1 of the nodes (superslaves). Regards, Enrico ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden slave doesn't retreive domain from master
Enrico van Goor wrote: snip mysql select * from supermasters; ++--+-+ | ip | nameserver | account | ++--+-+ | 10.12.3.50 | master.example.com | admin | ++--+-+ 1 row in set (0.00 sec) Maybe I'm mistaken again but if this the non-changed output of the query you need to change the nameserver-record. AFAIK this must contain the name of the primary nameserver-name (or maybe a valid nameservers) as available in the zone. For example, if you use ns1.solcon.nl as primary NS-record you need to have 'ns1.solcon.nl' as the nameserver-record in de supermasters-table. I'm testing anycast in combination with powerdns. The IP-addressen in the NS records are configured in a BGP domain on a few routers. The DNS have a real IP which is different from the IP addressen advertised in the domain records. That's why I use the also-notify option. I'm not testing on our production platform, but in a lab. master.example.com Is the supermaster in my lab. This needs to be hidden from the internet and is used to provision the superslaves. The superslaves are accessed through the anycast addresses, which pass the DNS request to 1 of the nodes (superslaves). Could you provide the zonefile or at least @, SOA and NS-set for the zone in question? kind regards, Sebastian -- Sebastian Posner Unix-Systemspezialist AM Data Center Services, Shared Infrastructure Deutsche Telekom AG, Products Innovation ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Recursor - Modifying requests?
Here's my setup: I use pdns server and pdns recursor inside of my production environment. Each location had it's own subdomain, ie srv1.sfo.company.com, srv2.lax.company.com, etc. I'm shutting one location down and moving/renaming servers but would like the old names to get answered with the new information (in case there is a legacy app that doesn't get updated). I was hoping to do the programmatically rather than dumping a bunch of records into the system. I _thought_ the solution was a lua script. The only issue is that it seems lua can only intercept a request in advance and answer it. If someone knows how to use Lua to simply modify a request and let it pass, please let me know. Thanks -Jon ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] new pdns mysql web interface
Hi, Thanks to everyone who replied. I will try to incorporate your suggestions into the software. I don't want to commit myself to an ETA here, but I hope to release 1.0 very soon (2 weeks). The interface is actually already done, but I want a turnkey solution with an installer, release builder, demo, docs and everything. I'll keep you posted. - Fagzal ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] new pdns mysql web interface
We are interested in it On Wed, Aug 24, 2011 at 7:28 AM, Fagyal Csongor conc...@conceptonline.huwrote: Hi, I have written a multiuser PowerDNS MySQL zone editor in PHP. It comes with an install, some docs and other goodies, e.g. a perl script to use the pipe backend so even if your MySQL server goes down your DNS will still be operational. I am thinking about releasing it to the public free and open source. Let me know if you are interested, because I am not going to spend time on it if no one wants it :) Regards, - Fagzal __**_ Pdns-users mailing list Pdns-users@mailman.powerdns.**com Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/**mailman/listinfo/pdns-usershttp://mailman.powerdns.com/mailman/listinfo/pdns-users ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
