Re: [Pdns-users] Master Support with LDAP Backend

On 7/6/2021 1:40 μ.μ., Peter van Dijk via Pdns-users wrote: It is in fact available. The 'No' is wrong. I have just merged a documentation fix for that (should be visible in a few minutes). Thank you very much Peter, I somehow missed your reply and came across it only today. That is good new

[Pdns-users] Master Support with LDAP Backend

On 19/5/2021 9:40 μ.μ., Nikolaos Milas via Pdns-users wrote: By the way, the LDAP backend documentation states "Master (support): No", yet there is a section (Master Mode) with configuration for Master operation.These changes will allow master operation in the future, or rather mast

Re: [Pdns-users] Upgrading Auth Server directly from 4.1.14 to 4.4.1

On 21/5/2021 2:08 π.μ., Michael Ströder wrote: Do you really need the launch suffix 'bkend2' for the bindbackend parameters? Hi Michael, thanks for the reply. I simply had left this part of the config as it was (working before upgrade) at version 4.1.14. Obviously, bind suffix support was

Re: [Pdns-users] Upgrading Auth Server directly from 4.1.14 to 4.4.1

On 19/5/2021 10:20 μ.μ., Brian Candler wrote: There is no state stored in pdns-auth itself, other than the state in the backend.  So as long as you change your backend to be compatible with 4.4.1, I see no reason why you can't jump straight to 4.4.1. Of course you should first do this in a te

[Pdns-users] Upgrading Auth Server directly from 4.1.14 to 4.4.1

Hello, We are (still) using PowerDNS Auth Server 4.1.14 (on CentOS 7) with LDAP backend (simple mode). Can we upgrade directly to 4.4.1 provided we do pertinent config changes as described in the upgrade guide, or it is suggested to upgrade in steps, e.g. to the last point release of each ma

Re: [Pdns-users] Private IP Addresses in DNS Records

On 14/5/2021 3:50 μ.μ., Kevin P. Fleming wrote: I agree with this sentiment; my publicly-visible zones contain records with both private addresses and with non-reachable public addresses (IPv6 GUAs), and I'm fine with that. If someone can learn the address of one of those systems, that doesn't c

Re: [Pdns-users] Private IP Addresses in DNS Records

On 14/5/2021 10:17 π.μ., fr...@tembo.be wrote: To keep them hidden, what I would recommend, is to create private.noa.gr  as a separate zone (so add NS records for it in the noa.gr  zone and create a new zone), and add example.privrate.noa.gr

[Pdns-users] Private IP Addresses in DNS Records

Hello, We are using PowerDNS Authoritative Server 4.1.14 with LDAP backend. In our setup we are hosting our organization domain (noa.gr) and there is a number of additional servers which are synced via AXFR. In this setup we do NOT host name records for internal hosts with private ip address

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

On 15/12/2017 2:35 μμ, Peter van Dijk wrote: Please do file your issue, with as much detail as possible Thank you Peter, I have filed: https://github.com/PowerDNS/pdns/issues/6097 Important note: After more testing, I found that the issue occurs *only in v4.0.5 and 4.1.0* and NOT in 4.0.4 (

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

to help resolve it. Thank you, Nick On 15/12/2017 1:15 μμ, Nikolaos Milas wrote: Please identify the bug and correct it. ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

Hello Pieter, Today I downgraded to Auth Server 4.0.3 and, voila!, everything works fine: [root@vdns ~]# rpm -qa | grep pdns pdns-recursor-4.0.8-1pdns.el7.x86_64 pdns-backend-ldap-4.0.3-1pdns.el7.x86_64 pdns-4.0.3-1pdns.el7.x86_64 [root@vdns ~]# pdnsutil check-zone noa.gr Dec 15 12:54:15 Readin

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

On 14/12/2017 11:18 μμ, Eric Beck wrote: Try putting an A record for the domain there. ... Thank you Eric, I may try it; Which IP Address is suggested to be used? The master dns server's IP Address? The organization web server IP Address? Which? Yet, there remain more questions: 1. Why

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

On 14/12/2017 10:11 μμ, Nikolaos Milas wrote: ... So, I tried disabling recursion entirely and running the Authoritative Server alone. However, the problem persists: ... In the meantime, I upgraded to Auth Server 4.1 (running standalone, without recursion on the same box), but the problem

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

On 14/12/2017 5:23 μμ, Pieter Lexis wrote: It looks like you are using the authoritative server as a recursor for selected clients. This never works the way it is expected (or should). Hi Pieter, Actually, we don't need recursion any more. (It's been left over from the past.) So, I tried d

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

On 13/12/2017 10:53 πμ, Pieter Lexis wrote: ... How is your set up? Please share your pdns.conf and recursor.conf. Also, can you show the output of `pdnsutil check-zone noa.gr`? ... Hi Pieter, Thank you for your reply. I list the details you requested below. I have also included our revers

Re: [Pdns-users] Dig: zone queries are not answered without the ANY flag

10.211#53(194.177.210.211) ;; WHEN: Wed Dec 13 00:44:20 2017 ;; MSG SIZE  rcvd: 74 (But we do get results when querying with the ANY flag, as I have demonstrated already.) What is the real cause of the problem and how to overcome it? Please advise! Thanks again, Nick On 12/12/2017 12:50 πμ,

[Pdns-users] Dig: zone queries are not answered without the ANY flag

Hello, I have recently upgraded to latest versions of pdns & pdns-recursor. I am now running (on CentOS 7.4.1708): pdns-4.0.5-1pdns.el7.x86_64 pdns-backend-ldap-4.0.5-1pdns.el7.x86_64 pdns-recursor-4.0.7-1pdns.el7.x86_64 using the LDAP Backend. Packages have been installed from powe

Re: [Pdns-users] TXT domain verification record (using @) issues

On 18/1/2017 4:20 μμ, Nikolaos Milas wrote: I tried to add a tXTRecord to the zone: dn: dc=noa.gr,ou=dns1,dc=noa,dc=gr objectClass: dNSDomain2 objectClass: domainRelatedObject dc: noa.gr associatedDomain: noa.gr nSRecord: vdns.noa.gr nSRecord: dns2.noa.gr nSRecord: sns0

Re: [Pdns-users] TXT domain verification record (using @) issues

On 18/1/2017 3:11 μμ, Jan-Piet Mens wrote: Are you sure the '@' doesn't refer to just zone apex, i.e. noa.grTXT "MS=ms..." Hmm, I am not sure. The directions are here: https://support.office.com/en-us/article/Create-DNS-records-for-Office-365-at-any-DNS-hosting-provider-7b7b0

[Pdns-users] TXT domain verification record (using @) issues

Hello, I am using PowerDNS 4 with LDAP backend (simple mode). I am facing the problem of having to define a "@" TXT record value for domain verification purposes. I have defined such a record in this way: dn: dc=@,dc=noa.gr,ou=dns1,dc=noa,dc=gr objectClass: dNSDomain2 objectClass: d

Re: [Pdns-users] Syslog not logging to configured facility

On 2/12/2016 11:09 μμ, Pieter Lexis wrote: This is because the systemd-journal is forwarded to syslog. You will need to remove the --disable-syslog flag from the PowerDNS Exec command in the service file to make PowerDNS*itself* log to syslog. Thank you Pieter, Your suggestion did the tric

Re: [Pdns-users] Syslog not logging to configured facility

On 1/12/2016 7:47 μμ, Pieter Lexis wrote: On CentOS 7, logging to syslog is disabled in the systemd unit file. You could ship the message via the systemd-journal_or_ create an override unit file to enable syslog. Thank you Pieter for your reply, In my system, rsyslog is in fact enabled and

[Pdns-users] Syslog not logging to configured facility

Hello, I have just started working with PDNS 4.0.1 (with LDAP backend), installed on CentOS 7 from the suggested repo. Installation went fine, but I am facing this problem: No matter how I try, pdns (and pdns-recursor) insists on logging to /var/log/messages and not to the configured facilit

Re: [Pdns-users] Configure private subdomain

On 4/3/2015 8:17 μμ, Michael Ströder wrote: This sounds a bit like a special case for split horizon DNS. I promised to configure a demo using powerdns with LDAP backend for this based on OpenLDAP ACLs and several powerdns instances using different LDAP identities. Feel free to come here and as

Re: [Pdns-users] Configure private subdomain

On 5/3/2015 8:53 πμ, Michael Ströder wrote: Yes, IMHO it's far easier to build up a replicated setup with the LDAP backend than with any SQL DB. We are using LDAP replication for powerdns (rather than normal master-slaves) for years. It is a great setup. >Unfortunately, Grégory Oestreicher'

Re: [Pdns-users] Configure private subdomain

On 4/3/2015 8:17 μμ, Michael Ströder wrote: This sounds a bit like a special case for split horizon DNS. Precisely. I promised to configure a demo using powerdns with LDAP backend for this based on OpenLDAP ACLs and several powerdns instances using different LDAP identities. Feel free to co

Re: [Pdns-users] Configure private subdomain

On 3/3/2015 2:44 μμ, Nikolaos Milas wrote: Ideally, we would like pdns to be configured to reply to requests *for particular names* (under a specific subdomain, say internal.example.com) by only providing records (if available, otherwise no results) and hide A records. This way we

Re: [Pdns-users] Configure private subdomain

On 3/3/2015 1:48 μμ, bert hubert wrote: I'm not entirely sure I understand your question, since AXFRs are not sent but requested. However, I am sure that 2.9.22 can't do this. Thanks for the reply. You are right. I used wrong terminology; I m

[Pdns-users] Configure private subdomain

Hello, We are using pdns-2.9.22 with LDAP backend, using the "Simple" LDAP architecture. The server is configured as authoritative for our root domain name, say example.com, and it performs AXFRs to other servers specified in nSRecord attribute. We would like to configure pdns so as to NOT

[Pdns-users] Naming hosts with public IPv6 and Private IPv4 addresses

Hello, I would like to ask for your experience and advice on the following situation: When we use a private IPv4 subnet (e.g. 10.10.10.0/24) with NAT (to access the Internet) and at the same time (i.e. on the same LAN or VLAN) we use a public IPv6 address

Re: [Pdns-users] dns flood problem

On 3/6/2013 1:10 μμ, Steffan Noord wrote: Hello Nick, Do you want to share your config with me. Wat are dns queries that we want to block ? Im starting the logs of pdns on a higher level I see some of these errors Received a malformed qdomain from 194.xx.xx.xx, 'error(2):\032Connection\032to

Re: [Pdns-users] dns flood problem

On 3/6/2013 11:48 πμ, Steffan Noord wrote: Last weekend i had a DNS attack Is there some kind of IDS i can install in front of the pdns installation ? Thanxs for any advice on this. Start from fail2ban. Easy to setup and very effective. Regards, Nick

Re: [Pdns-users] DNS Failover

On 19/4/2013 1:12 μμ, kalpesh thaker wrote: From my personal experiences, DNS failover does not always work as you would expect... mainly because you wont have much control over 3rd party recursors and of the way they cache TTL values. and by the time DNS does propogate... your mail server CNA

[Pdns-users] DNS Failover

Hello, We have two SMTP/POP/IMAP/Apache(Webmail) Servers, say mail1.example.com and mail2.example.com and we want to implement DNS-based failover. mail1.example.com is the main one; in case of mail1.example.com failure, DNS should redirect users as soon as possible to mail2.example.com. Is t

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 11/4/2013 9:51 μμ, a b wrote: That means that ./configure is using the compiler front end (gcc) to link the executable, which is correct and good, but is using LDFLAGS to do that, which is a mistake. For linking with the front end, the ./configure script should be using CFLAGS: -Wl,-rpa

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 11/4/2013 4:20 μμ, a b wrote: Please add "-rpath /usr/local/openldap/lib64" to your LDFLAGS so that you do not have to resort to LD_LIBRARY_PATH or ld.so.conf hacks. Hmm, it didn't work like that: LDFLAGS="${LDFLAGS} -L/usr/local/openldap/lib64 -lldap -llber -rpath /usr/local/openldap/lib

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 10/4/2013 10:44 πμ, Aki Tuomi wrote: LDFLAGS="-llber" ./configure OK, this worked! export LDFLAGS="-llber" %configure I am still puzzled why in my case the above "export" statement was needed, but anyway... And, if we want to link against the custom ldap libraries: CXXFLAGS="$

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 10/4/2013 12:33 πμ, Ruben Kerkhof wrote: There must be something broken in your setup, can you show us the same output as I just did? [root@vmres x86_64]# rpm -qf /usr/lib64/liblber.so openldap-devel-2.4.23-32.el6_4.x86_64 [root@vmres x86_64]# ls -l /usr/lib64/liblber* lrwxrwxrwx. 1 root r

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 9/4/2013 9:04 μμ, Ruben Kerkhof wrote: I haven't followed this thread closely, so I don't know what you're trying to accomplish, but powerdns is in the EPEL repo too. The src.rpm is at http://dl.fedoraproject.org/pub/epel/6/SRPMS/pdns-3.1-2.el6.src.rpm, try that one. I just tried to build

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 9/4/2013 5:30 μμ, Aki Tuomi wrote: This line here is the clue. You are missing -llber (/usr/lib64/llber.so) There is not such a lib (llber.so or lber.so or lldap.so or ldap.so) in any openldap installation either on CentOS/EL 5 or 6. If the process requires such libs, it's looking for so

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 22/3/2013 10:46 μμ, a b wrote: Actually, you could try the following in the .spec file; this assumes %_prefix=/usr/local/openldap in your .rpmmacros, since you wrote that you would rather not change it: O='$$O'; export O ORIGIN='$ORIGIN'; export ORIGIN CPPFLAGS="${CPPFLAGS} -I%{_prefix}/i

Re: [Pdns-users] Selective notifications

On 5/4/2013 4:59 μμ, a b wrote: Which problem(s) are you experiencing currently? Thank you, Since the last time I posted regarding my issues, I haven't been able to find time to test your latest suggestions, so I am still at that point. :-( Too much work, too many priorities for us poor pe

Re: [Pdns-users] [pdns-ldap-backend] Version 0.2 released

Forwarded from the pdns-ldap-backend mailing list. FYI: On 5/4/2013 11:37 πμ, Grégory Oestreicher wrote: Le Vendredi 5 Avril 2013 10:23 CEST, Nikolaos Milas a écrit: Therefore, I would suggest you coordinate with pdns managing team for the required actions to be taken for the inclusion in

[Pdns-users] pdns-ldap-backend version 0.2 released

Forwarded: On 4/4/2013 11:08 μμ, Grégory Oestreicher wrote: > After nearly three weeks without incidents reports the official version 0.2 of > the backend has been created. You can either get it from the Git repo, at the > tag 'v0.2', or download it from here: > http://sequanux.org/dl/pdns-ld

Re: [Pdns-users] Selective notifications

On 5/4/2013 9:56 πμ, Ruben d'Arco wrote: I believe that should solve your first two points, i suggest you provide a bit more information (logging, configuration) in the other thread on the last point. Thanks, I am aware of these tickets, I've also asked about them, see: http://www.mail-arch

Re: [Pdns-users] Selective notifications

Basically I would preferrably avoid the issues of: * Master notifying itself (both at IPv4 and IPv6 addresses) * Notifications sent to both IPv4 and IPv6 addresses of slaves * Multiple unnecessary notifications sent to IPv6 addresses (see another thread I opened yesterday) Although the abo

[Pdns-users] Multiple notifications when notifying IPv6 addresses

We have observed that when the master (v3.2) notifies a slave using an IPv6 address, then multiple unnecessary notifications are being sent. The same behavior is observed using pdns_control. One notification is sent when the target is notified over an IPv4 address, multiple notifications are s

[Pdns-users] Selective notifications

Hello, Is it possible to somehow disable auto notifications when running authoritative server (3.2) in master mode and use pdns_control to send notifications "manually" when required to whichever servers we want? Thanks, Nick ___ Pdns-users mailing

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 22/3/2013 6:23 pm, a b wrote: I did not mean that literally, sorry for the confusion. What I meant is that you muss pass the equivalent of --libdir=/usr/local/openldap/lib64 by using --libdir=%{_libdir}, which is a special RPM built-in macro. Thanks for your assistance. Sorry, I am not a

Re: [Pdns-users] Testing master functionality on ldap backend

On 22/3/2013 9:11 πμ, Ruben d'Arco wrote: This is by design and not specific to the ldap backend. Powerdns simply receives the nameservers from the backend and starts resolving the name to ip addresses. If that name has multiple ip addresses (v6 or v4), notifies will be send to all of them. T

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 20/3/2013 8:25 μμ, a b wrote: You need to pass --libdir=/usr/local/openldap/lib64 on the %configure line. Tried that, but the same error occurred. %configure \ --sysconfdir=%{_sysconfdir}/powerdns \ --libdir=/usr/local/openldap/lib64 \ --with-sqlite3 \ --with-socketdir=/var/

[Pdns-users] Testing master functionality on ldap backend

Hello, I am testing the new ldap backend (http://repo.or.cz/w/pdns-ldap-backend.git) under pdns v3.2 on CentOS 6.4 x86_64 I have a question: It seems the master is sending duplicate notifications to the slave, both at the IPv4 and at the IPv6 address. Is this expected behavior? Please expl

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 20/3/2013 8:38 μμ, a b wrote: What does "config.log" say regarding ldap? Thanks for the reply. Please, see below. Thanks, Nick === ... configure:18499: checking ldap.h usability configure:18499: g++ -c -D_GNU_SOURCE -O2 -g -pipe -Wall

Re: [Pdns-users] installing ldap as backend

On 19/3/2013 3:21 μμ, Jignesh Patel wrote: This talks about creating SRV records at org level, I would like to create an individual user level(i.e. ou=people). Sorry, I don't know about that. You mean you wou

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 19/3/2013 8:13 μμ, Nikolaos Milas wrote: But, as I mentioned, it even fails without any change in the spec file, simply trying to build with the standard CentOS 6 OpenLDAP packages. In that case, it should be using the default system lib dir: In the meantime, I tried building PowerDNS 3.2

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 19/3/2013 6:02 μμ, bert hubert wrote: Can you try LIBS=-L/usr/local/openldap/lib64 ./configure ... ? And can you double check a libldap.so lives there? Thanks, I just tried: LIBS="-L/usr/local/openldap/lib64" and (just in case): LIBS="${LIBS} -L/usr/local/openldap/lib64" but it

Re: [Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

On 19/3/2013 5:28 μμ, Nikolaos Milas wrote: Can you please guide me on how to adapt the spec file so as to build correctly using the custom ldap libraries / headers? Hmm, actually now that I tried to build using even the standard CentOS 6 RPMs/libs/headers/, it still fails at the same point

[Pdns-users] Building pdns RPMs using custom LDAP libraries/headers

Hello, I'm trying to build PowerDNS 3.2 on CentOS 6.4 x86_64 using http://www.monshouwer.eu/download/3rd_party/pdns-server/el6/SRPMS/pdns-server-3.2-1.el6.MIND.src.rpm based NOT on standard el6/centos 6 LDAP libraries, but on those installed by LTB project's RPMs (see: http://ltb-project.org/

Re: [Pdns-users] installing ldap as backend

On 19/3/2013 2:23 μμ, Jignesh Patel wrote: For the UI my question is in the context of PDNS, not for LDAP UI. Is there any UI which can work PDNS(with LDAP). Not that I know of. I am definitely going to install phpLDAPAdmin, but is that sufficient? Depends on your needs. If

Re: [Pdns-users] installing ldap as backend

On 19/3/2013 3:15 πμ, Jignesh Patel wrote: Looks like pdns works with LDAP. Thanks to Beñat for his kind assistance to suggest removing white spaces after "=". Please report here how it behaves (errors etc.). Now I am seeing for efficient UI to view content. Besides JXplorer and phpLDAPadm

Re: [Pdns-users] installing ldap as backend

On 18/3/2013 10:37 μμ, Jignesh Patel wrote: ...Is there any good documentation for setting up powerdns with ldap? Official support has been dropped for LDAP backend by its former maintainer and, as a result, by PowerDNS too. v2.9.22 is the last working version, even with some limitations (

Re: [Pdns-users] Complie problem on PDNS on CENTOS5

On 6/2/2013 4:14 πμ, RBK1001 wrote: I really need instruction on how to complie PowerDNS 3.2 in CENTOS5 This thread might help you: http://www.mail-archive.com/pdns-users@mailman.powerdns.com/msg04162.html ...although it's for v2.9.22. This thread might help you too: http://www.mail-archi

Re: [Pdns-users] LDAP backend fork

It is with great surprise and interest that I belatedly noticed your recent effort with the LDAP backend. I had abandoned all hope that some development activity might happen with the ldap backend so, although a member, I had not been reading the pdns mailing list recently. In the past, I had

[Pdns-users] Support for GSS-TSIG Dynamic DNS Updates

Does PowerDNS support or will it support GSS-TSIG Secure Dynamic DNS Updates (proabably related: RFC 3645, 2930) for interoperability with dynamic Windoze clients? Thanks, Nick ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman

Re: [Pdns-users] soa-minimum-ttl not working

I confirm that the solution is to use the setting: default-ttl=86400 I am also using LDAP backend. Nick On 17/11/2010 9:41 πμ, Helge Milde wrote: As you can see in the example below, the SOA specifies a TTL value of 86400, which is where we want it to be. I've also changed soa-minimum-ttl t

Re: [Pdns-users] powerdns hangs when ldap backend is unavailable

OK, I filed it as Ticket 323. http://wiki.powerdns.com/trac/ticket/323 Nick On 29/10/2010 12:03 μμ, Ton van Rosmalen wrote: I suggest one of you open a feature request/bug on: http://wiki.powerdns.com/trac That would get it on Bert's list. ___

Re: [Pdns-users] powerdns hangs when ldap backend is unavailable

I totally agree. I even use a local ldap "slave" server (an openldap syncrepl consumer, on the powerdns box) using syncrepl (on openldap) to avoid any pdns service outage due to network problems which would prevent connectivity with ldap. (Thankfully, syncrepl does not hang when there is a netw

Re: [Pdns-users] powerdns hangs when ldap backend is unavailable

Even so, it seems it should be filed, if not as a bug, then as a critical feature request, because the back end SHOULD handle connectivity with the associated layer. Otherwise, one should monitor LDAP and, even at the slightest unavailability, he should r

Re: [Pdns-users] powerdns hangs when ldap backend is unavailable

Hi, I haven't received any feedback on this problem. If noone can suggest something, I think I should file it as a bug. Please, advise. Thanks, Nick On 24/10/2010 11:31 μμ, Nikolaos Milas wrote: I've noticed that when for some reason ldap is not available for a while (e.g. due

[Pdns-users] powerdns hangs when ldap backend is unavailable

Hi, I'm using powerdns 2.9.22 authoritative server with ldap backend (using openldap) on CentOS 5.5. I've noticed that when for some reason ldap is not available for a while (e.g. due to restart or due to network outage), powerdns stops responding to queries (which is natural, initially) and

Re: [Pdns-users] PowerDNS Recursor 3.3 released!

Hi Bert, Just wanted to mention that at powerdns.com homepage the latest recursor version still appears to be 3.2. The download links at the Downloads page have been updated to 3.3, but on the home page, neither the version number nor the download link have been updated. They're still 3.2!

Re: [Pdns-users] Announcing JPower Admin

Hi, Does it support (or will it support) LDAP backend? I've searched the source and it doesn't seem to mention ldap anywhere. Thanks, Nick On 12/10/2010 12:36 πμ, Jivko Sabev wrote: I have released yet another control panel for Power DNS. Some of the __

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

sions). The above is a working solution (at least when few zones are involved). Still, - even by its nature - it *underlines the importance of supporting Notify natively in powerdns / ldap backend*. Thanks again to Jean-Piet Mens for notify-dns-slaves tool. Nick On 2/10/2010 4:58 μμ, Nikolaos Milas w

Re: [Pdns-users] Strange time drift in log

Information: I have filed a bug for this: http://wiki.powerdns.com/trac/ticket/317 Nick On 10/9/2010 6:43 μμ, Nikolaos Milas wrote: In any case, I think this issue should be corrected for the next release of powerdns authoritative server, because it makes no sense to have logging in a

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

Thanks Nils, I have now filed a bug ("new enhancement") for this, it's No. 318. (http://wiki.powerdns.com/trac/ticket/318). Nick. On 2/10/2010 4:20 μμ, Nils Breunese (Lemonbit) wrote: I believe most public bug trackers a

[Pdns-users] Can a slave force quich refresh?

Hi, Can a slave (e.g. with BIND backend) force quick /refresh/ times, overriding the default SOA record value (as defined on the master zone)? In BIND9, one can use the max-refresh-time (and min-refresh-time) directive in a slave zone definition to do that. Does powerdns observe these optio

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

First, the question why use ldap as dns backend tends to be more or less philosophical, but in two words, (at least) when you have medium sized zones and organizations, LDAP is *a very convenient central repository of all organizational information* and is easily administered using e.g. phplda

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

end notify (when changed), as discussed earlier in this thread (something which I concluded could not be done with pdns_control for the ldap backend). Nick On 2/10/2010 1:01 μμ, Nikolaos Milas wrote: What does it mean by "Bad file descriptor&

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

I have reached to the same conclusion. However, rebuilding openldap doesn't seem to be easy or straightforward (but I'll give it a try when I can)... It is commonly accepted that in production servers, pre-built, platform-specific RPMs are preferred (to avoid all sorts of problems), compiled

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

Thanks again for your help, JP. I describe in short some more things I tried (I still need your guidance): Initially, I found out that the plugin was not being loaded in openldap (as recorded in ldap.log): /etc/openldap/slapd.conf: line 182: keyword ignored And: # slaptest -d 255 -f

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

NS Servers defined for the zone. Also, I see no sign of logging anywhere... It's as if the configuration statement included in slapd.conf is accepted, but never doing something. Any hint? Nick On 30/9/2010 9:02 μμ, Nikolaos Milas wrote: Thanks JP, I just tried it. I installed it on my m

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

Thanks JP, I just tried it. I installed it on my master pdns/ldap server (I had no installation problems), but I haven't managed to make it work (yet). It doesnt' seem to send notify. I have the following questions: 1. The LDAP server used by my pdns primary master is a SLAVE LDAP se

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

ell script can do the job for you: * ldapsearch SOA records that changed today (provided your SOA numbering is using dates) * for each entry pdns_control notify domainname Just my $.02 Dennis Roos Nikolaos Milas wrote: Hi, I didn't receive any replies on this. As we are deploying a

Re: [Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

loyment architecture (type of slaves, type of remote slaves, etc.), because, unfortunately, we can't use ldap backend on all slaves, and we don't want those slaves to remain not-synchronized for long, nor we can use very short refresh times. Please, could you give a hint? Thanks, Nick O

[Pdns-users] Can a slave be a master (for other slaves) for the same zone?

Hi, I would like to ask whether *a slave* for a zone "example.com", say 10.10.10.5 (whose master - and the zone's primary master - is e.g. 10.10.10.2), can be configured *at the same time* as master for the same zone (example.com) with other slaves (e.g. 10.10.10.10 & 10.10.10.11) which wou

[Pdns-users] NOTIFY by pdns master with ldap backend in next authoritative server releases?

I know that ldap backend does not support NOTIFY (so it neither supports master/slave operation), and that this is due to LDAP specifications (or so). The same problem exists e.g. in BIND9 with sdb (ldap backend). The non-availability of triggers in openldap (the most widespread ldap server)

Re: [Pdns-users] Question on IPv6 with ldap backend

Waiting for a reply on this (ipv6 with ldap, tree mode), I decided to test simple mode and I found the solution with it. I still believe that the tree method would need a 34-level deep ldap structure (32 items for ipv6 address plus ip6 plus arpa), which renders it totally unsuitable for ipv6 u

[Pdns-users] Question on IPv6 with ldap backend

Hi, I would like some clarifications on the configuration of IPv6 zones on LDAP backend. I have a master pdns/ldap (tree mode) server hosting "example.com" and its reverse zone: 10.10.10.in-addr.arpa. The DNS server shall support IPv6. Questions: 1. For forward lookups, should I create

Re: [Pdns-users] Strange time drift in log

Hmm, I am not sure if I'll manage to compile myself... In any case, I think this issue should be corrected for the next release of powerdns authoritative server, because it makes no sense to have logging in a different time than system time. So I really hope that the next releases and the as

Re: [Pdns-users] Strange time drift in log

compiling. Thanks, Nick On 9/9/2010 1:34 μμ, Nikolaos Milas wrote:  Now:    # find / -name '*libldap*'    /usr/lib/libldap_r-2.3.so.0.2.31    /usr/lib/libldap-2.3.so.0    /usr/lib/libldap_r-2.3.so.0

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

ΟΚ Ken, Sorry for that. Sometimes I send html on purpose because with text only, lines wrap automatically and spoil the content. But this time there was no reason to send html, I admit. Often I click automatically the option "Send HTML only" when sending a message - so it may happen as well

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

/2010 11:24 πμ, Nikolaos Milas wrote: Would you have any hint about the Authority issue as well? ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Strange time drift in log

I also installed compat-openldap and now I have: openldap-servers-2.3.43-12.el5_5.2 nss_ldap-253-25.el5 pdns-backend-ldap-2.9.21-4.el5.centos openldap-devel-2.3.43-12.el5_5.2 python-ldap-2.2.0-2.1 compat-openldap-2.3.43_2.2.29-12.el5_5.2 openldap-2.3.43-12.el5_5.2 openlda

Re: [Pdns-users] Strange time drift in log

By the way, The autoserial feature is not supported with the ldap backend according the documentation. Nick On 9/9/2010 11:27 πμ, Christian Hofstaedtler wrote: > * Christian Hofstaedtler [100909 09:56]: > probab

Re: [Pdns-users] Strange time drift in log

Thanks Christian, I tried to configure, but it fails: ... configure: error: ldap library (libldap) not found But there is libldap: # find / -name '*libldap*' /usr/lib/libldap_r-2.3.so.0.2.31 /usr/lib/libldap-2.3.so.0 /usr/lib/libldap_r-2.3.so.0 /usr/lib/libldap-2.3.so.0.2.31 Ni

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

Thanks Christian, That did the trick! Now AXFR works fine! I set sizelimit unlimited in slapd.conf You were right. The default max size in openldap is 500 and I didn't know it. Would you have any hint about the Authority issue as well? Thanks again, Nick On 9/9/2010 11:07 πμ, Christia

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

logging-facility=5 loglevel=8 log-dns-details=on recursor=127.0.0.1:5300 webserver-password=* webserver-port=8081 webserver-print-arguments=yes Nick On 9/9/2010 12:51 πμ, Nikolaos Milas wrote: Yes, I can see

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

Yes, I can see exactly where it stopped, but I can't find a reason why it did so. It seems to me as a typical host A record like all the others - it responds to dig queries as well. I exported it and it looks like that (I left only the hostname

Re: [Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

n the AXFR set? I am waiting for your advice. I like pdns and I am trying to resolve issues so that it can replace (gradually) all BIND9 servers in our organization. Nick On 8/9/2010 11:26 μμ, Nikolaos Milas wrote: In my pdns/ldap (tree) on CentOS 5.5, I am setting up a domain (say: 'e

[Pdns-users] Successful, yet incomplete AXFR to BIND9 slave

In my pdns/ldap (tree) on CentOS 5.5, I am setting up a domain (say: 'example.com')  with its single SOA record. This has several virtual subzones (a.example.com, b.example.com etc.) which include their own MX records but are not delegated: the same NS

  1   2   >