Hi Philippe!
I also had such a workaround in mind, but I feared it may cause troubles
when someone sends a DNS lookup explicitely for NS record.
Today I stumbled across a new option in git head (will be available in
PowerDNS 3.4):
#################################
# only-notify Only send AXFR NOTIFY to these IP addresses or netmasks
#
# only-notify=0.0.0.0/0,::/0
I use it and allow basically nothing, and it seems to work.
only-notify=0.0.0.0/32,::/128
I also created a feature request for explicit notifications:
https://github.com/PowerDNS/pdns/issues/1340
Note: When upgrading to HEAD/3.4 you have to update the DB-Schema:
ALTER TABLE records ADD disabled BOOLEAN DEFAULT 'f';
regards
Klaus
On 21.03.2014 09:57, Philippe M wrote:
Hi Klaus,
i do a bad way, but it somehow works with no problems at the moment, so
if you haven't found any other way, you might want to try it.
I added this line in pdns.conf of my Master:
gpgsql-basic-query-auth=select content,ttl,prio,type,domain_id,name,auth
from records where type='%s' and type !='NS' and name='%s'
This manipulates the Query which is send by PowerDNS to the Database to
get the records.
With the change it always get a normal Answer except when it wants to
know the Nameserver to send a notify.
(AXFR transfer the Records normal - with the NS Records / because it
uses another Query)
I don't know if there is a better way to do it, but this works for me at
the moment.
(If you find a better one let me know)
Kind regards,
Philippe
Klaus Darilion <[email protected]> schrieb am 13:31 Mittwoch,
19.März 2014:
Hi!
I have pdns as bum in the wire, acting for a certain zone as SLAVE and
as MASTER. Therefore I had to set slave-renotify=yes.
The downstream slaves receive NOTIFYs via the ALSO-NOTIFY
domainmetadata, both PDNS notifies also the name servers in the NS records.
Is there a way to notify only the ALSO-NOTIFY-nameservers and to not
notify the NS name servers? (Similar to Bind's "notify explicit" feature)
Thanks
Klaus
_______________________________________________
Pdns-users mailing list
[email protected] <mailto:[email protected]>
http://mailman.powerdns.com/mailman/listinfo/pdns-users
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
