Hi Klaus, Thanks for clarification.
I wasn’t aware that every PDNS-Server instance is doing the DNSSEC singing inline and on the fly. I guess you’re right, there are minimal writes to PDNS only via nsupdate. Is there any way to forward those requests to the writable instance or do I have to specify the right one in the nsupdate dialog? Best regards, Fabian > On 15. Oct 2017, at 21:00, Klaus Darilion <[email protected]> > wrote: > > Am 07.10.2017 um 22:59 schrieb Fabian: >> Hi, >> >> I have some questions regarding the integration of PostgreSQL replication >> and PowerDNS operating in native mode. >> As the replication of Postgres is a master - slave replication the >> transactions on the slaves are read-only. >> >> - Is there a way to delegate all write operations the the PowerDNS “master” >> (the one using the PostgreSQL master instance), like "forward-dnsupdate=yes” >> does for dnsupdates? > > Are there any write operations? In native mode I guess there shouldn'T be any > write queries - maybe only for DNSSEC key management. > > Maybe if you do some fancy stuff only against the PowerDNS which uses the > Postgres-Master then it should work. >> - How does the DNSSEC inception works with the native mode? Will the >> “master” try to re-sign the zone or are all PowerDNS servers trying to >> re-sign the zone (with failures on the read-only databases)? > AFAIK PowerDNS does online-signing - hence the signatures are not in the DB. > Hence, every node does signing on its own (A PowerDNS server does not know if > the Postgresql DB is a replication slave or master). > > What exactly is your problem? > > regards > Klaus _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
