Re: [Pdns-users] DNSSEC and

attempt to perform key rollover on the same > database at the same time? Do they not step on each other's toes? > > -Xan > > > > On 8/22/23 07:03, Frank Louwers via Pdns-users wrote: >> Hi Xan, >> It depends which DNSSEC you choose. If you would pick "

Re: [Pdns-users] DNSSEC and

ulting in consistent signatures (as long as your MariaDB replication isn't broken). See https://doc.powerdns.com/authoritative/dnssec/modes-of-operation.html#online-signing for more info and other ways of turning on DNSSEC on PowerDNS. Frank Frank Louwers PowerDNS Certified Consultant @ Ki

Re: [Pdns-users] Unable to edit domainmetadata with API

Hi Shailendra, This is documented behaviour: https://doc.powerdns.com/authoritative/domainmetadata.html states: The option SOA-EDIT-API can not be written or read via the HTTP API metadata endpoint. Cheers, Frank Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be > On 30 Jun 2

Re: [Pdns-users] Blocklist file format

Hi, There's also extensive RPZ and PowerDNS docs at https://docs.spamhaus.com/dns-firewall/docs/source/configuration/power_dns_config.html (it uses Spamhaus's RPZs, but applies to other RPZs as well). Kind Regards, Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be > On 7

Re: [Pdns-users] request: Sample replication setup with dnsdist

Hi Daniel, The best (and preferred) way to run both auth and the recursor on the same machine, is to run them on 2 separate IP addresses, as 2 separate setups. Regardless of whether or not you're using dnsdist. Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be <http://kiwazo.be/&

Re: [Pdns-users] Issue with SOA request PDNS server

Hi Jhonny, It seems like you're looking at the wrong zone. The error you get, is about the reverse delegation of the 200.7.160.0/20 subnet. You do have 200.7.160.0/24 correctly set up: ❯ dig -x 200.7.160.0 soa @200.7.160.10 +norec ... ;; AUTHORITY SECTION: 160.7.200.in-addr.arpa. 3600IN

Re: [Pdns-users] PowerDNS Active - Passive Mode

d Regards, Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be > On Jun 17, 2021, at 8:21 AM, Cem Kıyanç wrote: > > Hi Frank, > > I have two different data center environments. Venuc DC ve Mars DC > > in this structure; Master: PowerDNS Slave: BindDNSManage

Re: [Pdns-users] PowerDNS Active - Passive Mode

e load balancer such as dnsdist to perform failovers if you want to have an active / standby setup. I hope this answers your question. If not, please let us know what you want to accomplish and we'll point you in the right direction. Kind Regards, Frank Frank Louwers PowerDNS Certified Co

Re: [Pdns-users] MySQL/MariaDb Scaling

like mysql replication? > Is it feasible to have a slave servers which check the SOA of millions > of zones on a master DNS Server? > > Cheers Thomas > > Am 04.06.21 um 10:32 schrieb Frank Louwers: >> Hi, >> >> As Thomas said: your setup looks sane, and if it

Re: [Pdns-users] MySQL/MariaDb Scaling

Hi, As Thomas said: your setup looks sane, and if it currently works for you, there's no need to change anything. If you do have zones that are getting hit by a random-subdomain-lookup attack, I would recommend to have a separate NS with a BIND or LMDB backend ready to serve only those domains

Re: [Pdns-users] Zone A Record

ne and name)? Could you also paste the TF output and any entries in the PowerDNS log? Kind Regards, Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be > On May 28, 2021, at 9:08 AM, Ralph via Pdns-users > wrote: > > Nobody an idea? > >> Am 27.05.2021 um 14:43 schri

Re: [Pdns-users] DNS Forwarding on Master/Slave Servers

Hi Steven, There are a couple of problems with your domain that prevent it from functioning correctly. First up, it seems like the ns1/ns2/ns3.opensourceserver.io glue records at the .IO cctld are all registered with the same IP address. That's probably not co

Re: [Pdns-users] [E] Re: Powerdns on AWS Instances

While this will indeed work, please note that using dnsdist.org has huge advantages: a simple (dns-unaware) LB will LB the request, either round-robin or in a least-outstanding manner. A dns-aware LB (such as dnsdist) will do this much more intelligently, which results in higher cache ration an

Re: [Pdns-users] pdns query wrong SOA records with ipv6 and miss the right domain this way

> On 6 Oct 2020, at 20:42, bert hubert via Pdns-users > wrote: > > On Tue, Oct 06, 2020 at 08:29:49PM +0200, Oliver Dzombic via Pdns-users wrote: >> SELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records >> WHERE disabled=0 and type='SOA' and >> name='7.3.c.f.9.0.2.0.0.0.0.0.3.

Re: [Pdns-users] Implementing virtual domains

our indexes if you have a large of domains / records. Worst case, build the templating system outside of PowerDNS and have it create / manipulate the zones on demand. Kind Regards, Frank Louwers Certified PowerDNS Consultant @ Kiwazo.be ___ Pdns-user

Re: [Pdns-users] "HTTP/1.1 422 Unprocessable Entity" when creating a zone

That exact same example works in my setup, which uses 4.3.0 with a MySQL backend. Could you provide us your full config, backend & backend schema? Could you also increase logging (see https://docs.powerdns.com/authoritative/settings.html#webserver-loglevel) and send us the log when you're doin

Re: [Pdns-users] "HTTP/1.1 422 Unprocessable Entity" when creating a zone

: > > I'm using pdns 4.2.1. > > > > Tomasz > > > On 2020-06-30 22:17, Frank Louwers wrote: >> Hi Tomasz, >> What version are you using? The docs you mention, refer to an old >> version of PowerDNS Auth... >> Frank >>> On 30 Jun

Re: [Pdns-users] "HTTP/1.1 422 Unprocessable Entity" when creating a zone

Hi Tomasz, What version are you using? The docs you mention, refer to an old version of PowerDNS Auth... Frank > On 30 Jun 2020, at 15:09, Tomasz Chmielewski via Pdns-users > wrote: > > I did it exactly as in PowerDNS README: > https://doc.powerdns.com/md/httpapi/README/ > > Does it mean R

Re: [Pdns-users] Running auth server and recursor on the same server, upgrading from 4.0.9

Dear Yves, It might be best to describe your setup in a bit more detail: - what client devices use your resolver, are they all on internal IT infra? (Your home of office net?) How many devices are we talking about? How do they configure the ip of their resolver? (Hand-set, dhcp, ...)? - what t

Re: [Pdns-users] Some questions about deploying a dns slave serrevrs using Powderdns sofftware

/modes-of-operation.html#pre-signed-records Regarding your second question: you can, but make sure you understand the performance implications. See https://docs.powerdns.com/authoritative/settings.html#log-dns-queries on how to enable it. Regards, Frank Louwers Certified PowerDNS Consultant at

Re: [Pdns-users] iprange is hitting my dns servers

Hi Steffan, It smells like a bunch of Windows clients that all want to lookup a DomainController... (all capitals, DC, ... typical MS naming conventions) Are the 195.121.82.103-195.121.82.139 ips under your control? Best of luck hunting :) Frank > On 10 Jun 2020, at 08:32, Steffan via Pdns-us

Re: [Pdns-users] Fwd: Re: configure: error: Did not find the mysql library dir in /usr/lib/mysql

Hi Cliff, Could you try without the --with-mysql-lib=/var parameter? Or with —with-mysql-lib=/usr? The dev libraries are not installed in /var/lib/mysql, but probably in /usr/lib/libmysql* Frank Louwers Certified PowerDNS Consultant > On 20 Dec 2018, at 15:12, Cliff Hayes <mail

Re: [Pdns-users] Pdns-users Digest, Vol 191, Issue 14

) L7 LB. What do you want to achieve? Maybe dnsdist is a better option? Regards, Frank Louwers Certified PowerDNS Consultant > On 18 Dec 2018, at 18:45, Satya Sharma <mailto:satya...@gmail.com>> wrote: > > Hello, > > Could your kindly provide suggestion, if PowerDN

Re: [Pdns-users] Unable to resolve domain when using DO and not AD

Dear Luca, > On 12 Dec 2018, at 19:53, Luca Lesinigo > wrote: > > Il giorno 12 dic 2018, alle ore 18:45, bert hubert > ha scritto: >>> Right now I am refraining to disclose the domain because I don’t know if >>> this behavior could disclo

Re: [Pdns-users] How to understand cause of rejected notify

Hi MRob, Could you please try a ‘dig AXFR domain.com’ from your slave? Could you also provide us a full packet capture (pcap if possible)? I am starting to suspect a firewall issue… Frank > On 1 Dec 2018, at 22:44, MRob wrote: > >> All supermaster problems I know of can be resolved by chec

Re: [Pdns-users] recursor: no reverse lookups

the auth-server provided that answer. Your pdns-recursor in front of it, is a recursor, so the result is non-auth. Hope this helps… Frank Louwers > On 19 Nov 2018, at 09:03, Sig Pam mailto:s...@itserv.de>> > wrote: > > One more thing. Maybe you have a quick idea, I did n

Re: [Pdns-users] pdns with one mysql backend down and one up fails to process queries

HAproxy is very much production ready! MySQL-proxy works, but has gotchas and bugs. Best to work around mysql-proxy if you can! Regards, Frank -- Frank Louwers COO Openminds http://www.openminds.be/ Schrijf je in op onze nieuwsbrief: http://openminds.be/nieuwsbrief Stefan Tobé wrote: OK

Re: [Pdns-users] pdns_control retrieve can't find SOA

UPDATE: I think I've solved this one (odd issue on the master). -- Frank Louwers COO Openminds http://www.openminds.be/ Schrijf je in op onze nieuwsbrief: http://openminds.be/nieuwsbrief Frank Louwers wrote: Hi, I am currently running 3.2-pre.20121012.2810-1 of pdns-server. The

[Pdns-users] slave-cycle-interval ignored in pdns 3.2-pre.20121012.2810-1

domain freshness: Query to '88.151.YY.XX:53' for SOA of 'example.tld' produced no results (error code: Refused) Oct 18 21:47:15 ns2 pdns[1341]: While checking domain freshness: Query to '88.151.YY.XX:53' for SOA of 'example.tld' produced no results (error cod

[Pdns-users] pdns_control retrieve can't find SOA

b.example.tld, I get the following entry in my logs: Oct 18 22:29:45 ns2 pdns[11522]: No serial for 'sub.example.tld' found - zone is missing? But both dig -t SOA and dig -t AXFR work perfectly. Any suggestions? Regards, Frank -- Frank Louwers COO Openminds http://www.open

Re: [Pdns-users] PowerDNSSEC Progress: ready for a first look

download the tarball which can be found on the sites above, >>> and let us know how it works for you! >>> >>> To clarify, we do not recommend taking the current code snapshot into >>> production, but we are getting close. >>> >>> Kind regards,

Re: [Pdns-users] Multi server deployment

are now looking into >>>>> finalizing the architecture for the final deployment and migration. In >>>>> that respect we have a couple of doubts. >>>>> >>>>> Since we are going to be using the MySQL backend, and we are going to >&g

Re: [Pdns-users] Multi server deployment

ackend. Thanks for your help. Atha, why would you need master-master? Frank -- Frank Louwers Operations -- Openminds bvbahttp://openminds.be fr...@openminds.be +32.9 225 82 91 Schrijf je nu in op onze nieuwsbrief: http://openminds.be/nieuwsbrief ___

Re: [Pdns-users] Multi server deployment

What are your thoughts on this? Are there any best practices/recommendations >> for large deployments? Thanks in advance for all your help. >> >> Cheers, >> Atha >> ___ >> Pdns-users mailing list >> Pdns-users@mailman.powe

Re: [Pdns-users] Hidden supermasters

te a few customers that have a VPS or dedicated server with us, run some sort of control panel on it (plesk, da, cpanel, ...) and do their dns config in the controlpanel. We have them all configured as hidden masters so the customer can use our distributed and stabl

Re: [Pdns-users] Deleted DNS Records not Removing from Slave

Hi Brandon, Why don't you use mysql replication between the 2 servers? If a records gets inserted/updated/deleted/... on the master, the change is send to the slave instant (well, quasi-instant). Solves a few problems... Regards, Frank Louwers Openminds bvba On 26 Jun 2010 wk 25, at

Re: [Pdns-users] Reliable supermaster setup - howto?

NS1. Our NS1 gets the NOTIFY, sees that it doesn't know anything about the zone, sees that CUST-NS is a configured supermaster, and it will AXFR the zone from CUST-NS and commit it to it's own master MySQL db. Again, MySQL replication takes care of distributing the zone to NS2 and N

Re: [Pdns-users] copy of SIDN presentation yesterday

On 19 Jun 2009, at 14:27, bert hubert wrote: (message in Dutch about a Dutch presentation about DNS) Hallo allemaal, Zoals recent aangekondigd is er op de SIDN relatiedag een presentatie geweest over DNS, waar ik enkele van jullie ook ontmoet heb! Bert, Thank you for the presentation. I wa

Re: [Pdns-users] PowerDNS Recursor 3.1.8-prerelease with EDNS-PING

bert hubert wrote: One small note - EDNS-PING is *not* yet an official standard. It is like buying a '802.11N DRAFT' router! But it is unlikely the technical details (wire format) of EDNS-PING will change, since the specification is so simple. Bert, the two important questions to ask h

Re: [Pdns-users] PowerDNS as Slave Doesn't create New Domains

On 16 Dec 2008, at 20:42, papoyan wrote: So My questions is, what do you think is causing PowerDNS NOT TO CREATE new domains? You need to read the "Supermaster" documentation of pdns. And check the pdns table ... F Thank you for you help ! -- View this message in context: http