Re: [Pdns-users] Hidden supermasters
Hi Richard, On Fri, 2010-08-06 at 15:27 +1000, Richard McLean wrote: > I have wondered about this. We'd love to implement a hidden supermaster type > setup, using AXFR, which auto-updates the 4 main name servers, but is *not* > in the list of name servers for a domain and is not publicly available. Is > the > restriction above able to be worked around or turned off? I've managed to work around this by adding a config line like: gsql-supermaster-query=select account from supermasters where ip='%s' In this setup, only IP addresses need to be listed in the supermasters table and the other checks are bypassed. This might need some careful checks if the database schema / the expected returned field list etc changes at some point in the future. -- -Michael Fincham System Administrator, Unleash www.unleash.co.nz ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden supermasters
On 06 Aug 2010 wk 31, at 09:56, Richard McLean wrote: > > On 06/08/2010, at 3:54 PM, Ton van Rosmalen wrote: > >> No, this is not a restriction. In our setup we've added the ip address >> in the supermasters-table like this: >> +---++--+ >> | ip| nameserver | account | >> +---++--+ >> | xx.xx.xx.xx | | internal | > > > > Ah, OK, nice. Is it intentional that that works? I hope so, because we rely on it :) We have quite a few customers that have a VPS or dedicated server with us, run some sort of control panel on it (plesk, da, cpanel, ...) and do their dns config in the controlpanel. We have them all configured as hidden masters so the customer can use our distributed and stable ns'es automatically. Regards, Frank Louwers Openminds bvba ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden supermasters
On 06/08/2010, at 3:54 PM, Ton van Rosmalen wrote: > No, this is not a restriction. In our setup we've added the ip address > in the supermasters-table like this: > +---++--+ > | ip| nameserver | account | > +---++--+ > | xx.xx.xx.xx | | internal | Ah, OK, nice. Is it intentional that that works? cheers, Richard ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Hidden supermasters
Hi Richard, Richard McLean schreef: > Hi all, > > > From Stefan's answer yesterday on the AXFR question: > > On 06/08/2010, at 12:55 AM, Stefan Schmidt wrote: > >> "The set of NS records for the domain, as retrieved by the slave from the >> supermaster, must include the name that goes with the IP address in the >> supermaster table" >> > > > I have wondered about this. We'd love to implement a hidden supermaster type > setup, using AXFR, which auto-updates the 4 main name servers, but is *not* > in the list of name servers for a domain and is not publicly available. Is > the > restriction above able to be worked around or turned off? > No, this is not a restriction. In our setup we've added the ip address in the supermasters-table like this: +---++--+ | ip| nameserver | account | +---++--+ | xx.xx.xx.xx | | internal | The hidden master on xx.xx.xx.xx will send the update-notification to all public ns's as listed in the zone. The public ns's in turn will axfr the new domain from the hidden master on it's ip. Regards, Ton I' ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Hidden supermasters
Hi all, >From Stefan's answer yesterday on the AXFR question: On 06/08/2010, at 12:55 AM, Stefan Schmidt wrote: > "The set of NS records for the domain, as retrieved by the slave from the > supermaster, must include the name that goes with the IP address in the > supermaster table" I have wondered about this. We'd love to implement a hidden supermaster type setup, using AXFR, which auto-updates the 4 main name servers, but is *not* in the list of name servers for a domain and is not publicly available. Is the restriction above able to be worked around or turned off? cheers, Richard ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users