I never used nsupdate with PDNS yet. But I think the most easy approach would be to solve this issue at application level - hence nsupdate should send the update not to any PDNS server, but to the single PDNS Server which has write permissions to the DB. All other PDNS servers should have read-only access to there slave-DB.
regards Klaus Am 17.10.2017 um 22:26 schrieb Fabian: > Hi Klaus, > > Thanks for clarification. > > I wasn’t aware that every PDNS-Server instance is doing the DNSSEC singing > inline and on the fly. > > I guess you’re right, there are minimal writes to PDNS only via nsupdate. > Is there any way to forward those requests to the writable instance or do I > have to specify the right one in the nsupdate dialog? > > Best regards, > Fabian > >> On 15. Oct 2017, at 21:00, Klaus Darilion <[email protected]> >> wrote: >> >> Am 07.10.2017 um 22:59 schrieb Fabian: >>> Hi, >>> >>> I have some questions regarding the integration of PostgreSQL replication >>> and PowerDNS operating in native mode. >>> As the replication of Postgres is a master - slave replication the >>> transactions on the slaves are read-only. >>> >>> - Is there a way to delegate all write operations the the PowerDNS “master” >>> (the one using the PostgreSQL master instance), like >>> "forward-dnsupdate=yes” does for dnsupdates? >> >> Are there any write operations? In native mode I guess there shouldn'T be >> any write queries - maybe only for DNSSEC key management. >> >> Maybe if you do some fancy stuff only against the PowerDNS which uses the >> Postgres-Master then it should work. >>> - How does the DNSSEC inception works with the native mode? Will the >>> “master” try to re-sign the zone or are all PowerDNS servers trying to >>> re-sign the zone (with failures on the read-only databases)? >> AFAIK PowerDNS does online-signing - hence the signatures are not in the DB. >> Hence, every node does signing on its own (A PowerDNS server does not know >> if the Postgresql DB is a replication slave or master). >> >> What exactly is your problem? >> >> regards >> Klaus > _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
