Hi Richard, Richard McLean schreef: > Hi all, > > > From Stefan's answer yesterday on the AXFR question: > > On 06/08/2010, at 12:55 AM, Stefan Schmidt wrote: > >> "The set of NS records for the domain, as retrieved by the slave from the >> supermaster, must include the name that goes with the IP address in the >> supermaster table" >> > > > I have wondered about this. We'd love to implement a hidden supermaster type > setup, using AXFR, which auto-updates the 4 main name servers, but is *not* > in the list of name servers for a domain and is not publicly available. Is > the > restriction above able to be worked around or turned off? > No, this is not a restriction. In our setup we've added the ip address in the supermasters-table like this: +---------------+--------------------+----------+ | ip | nameserver | account | +---------------+--------------------+----------+ | xx.xx.xx.xx | <name of primary server in public NS list> | internal |
The hidden master on xx.xx.xx.xx will send the update-notification to all public ns's as listed in the zone. The public ns's in turn will axfr the new domain from the hidden master on it's ip. Regards, Ton I' _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
