On 27/03/2020 16:23, Matthew Monaco via Pdns-users wrote:
> What is PDNS protecting me from by requiring that the slave keeps a list of master IPs in the `domains` table?

Notifies are optional and unreliable, so they can't be depended on.

By design, slaves contact the master periodically, to check that they have the up-to-date data: they query the SOA serial number and check to see if it has increased on the master, and if so, perform an AXFR.  The interval at which they perform this check is controlled by the SOA - actually two fields, one for normal retry interval and one for retry after failure.

The master field in the SOA record is not used for zone transfers - it's really just an FYI field as a hint when debugging. Consider that you can have a chain of master -> slave1 -> slave2, and slave1/slave2 need to be configured differently to point to their respective upstream.  Nor is the source IP address of a notify, should it arrive, used as the master address.

You say you are already doing dynamic DNS updates for the master's A/AAAA records.  I don't know if PowerDNS supports resolving a hostname for the master (I'm pretty sure BIND only allows IP addresses).  However you could write a script which resolves the master's DDNS name every 5 minutes or whatever, and then updates the IP address in the domains table.

HTH,

Brian.
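
Added example, not part of the original message: one way to write the periodic script suggested above, run from cron against a generic SQL backend (SQLite here). It keeps the last known-good master when the lookup fails or returns only unusable addresses, since the `master` column decides where the slave pulls zone data from. Assumptions: the function names, zone and host names are hypothetical, the `domains` table has `name`, `master` and `type` columns, and multiple masters are stored comma-separated.

```python
import ipaddress
import socket
import sqlite3


def resolve_master(hostname, resolver=socket.getaddrinfo):
    """Return the sorted, de-duplicated usable IPs for hostname (may be empty)."""
    addrs = set()
    for *_, sockaddr in resolver(hostname, 53, proto=socket.IPPROTO_TCP):
        ip = ipaddress.ip_address(sockaddr[0].split("%")[0])  # drop any IPv6 scope id
        # Skip answers that would point zone transfers at ourselves or nowhere useful.
        if ip.is_loopback or ip.is_unspecified or ip.is_multicast or ip.is_link_local:
            continue
        addrs.add(ip)
    return sorted(addrs, key=lambda ip: (ip.version, int(ip)))


def sync_master(db, zone, hostname, resolver=socket.getaddrinfo):
    """Update domains.master for one slave zone; return the new value, or None if untouched."""
    try:
        ips = resolve_master(hostname, resolver)
    except (socket.gaierror, ValueError):
        ips = []
    if not ips:
        return None  # lookup failed or gave nothing usable: keep the last known-good master
    new = ",".join(str(ip) for ip in ips)  # assumption: comma-separated master list
    row = db.execute(
        "SELECT master FROM domains WHERE name = ? AND type = 'SLAVE'", (zone,)
    ).fetchone()
    if row is None or row[0] == new:
        return None  # zone is not a slave zone here, or nothing changed
    db.execute(
        "UPDATE domains SET master = ? WHERE name = ? AND type = 'SLAVE'", (new, zone)
    )
    db.commit()
    return new


if __name__ == "__main__":
    # Constructed demo: in-memory table and a canned resolver answer.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE domains (name TEXT, master TEXT, type TEXT)")
    db.execute("INSERT INTO domains VALUES ('example.org', '192.0.2.1', 'SLAVE')")
    canned = [(socket.AF_INET, socket.SOCK_STREAM, 6, "", ("192.0.2.10", 53))]
    print(sync_master(db, "example.org", "master.example.net", lambda *a, **k: canned))
```

Logging each returned (changed) value gives a record of when the trusted master address moved.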
