HI, i am studying migrating my old bind to powerdns i am currently making tests with a bind backend (because migration is easy)
everything that i use works well except TSIG. I indeed need some machines on my network to update dns record. is the TSIG feature supported with only the bind backend? if yes, what's wrong in my config? i have the following config: 4.9.0-13-amd64 #1 SMP Debian 4.9.228-1 (2020-07-05) x86_64 GNU/Linux root@strongswan-lab:~# dpkg -l | grep pdns ii pdns-backend-bind 4.4.0~alpha0+master.700.g573dc48f2-1pdns.stretch amd64 BIND backend for PowerDNS ii pdns-server 4.4.0~alpha0+master.700.g573dc48f2-1pdns.stretch amd64 extremely powerful and versatile nameserver subset of /etc/powerdns/pdns.conf: allow-notify-from=10.0.0.0/8,0.0.0.0/0,::/0 allow-unsigned-notify=yes include-dir=/etc/powerdns/pdns.d local-port=5300 setgid=pdns setuid=pdns webserver-address=10.46.0.37 webserver-allow-from=10.46.0.0/16,192.168.0.0/16,172.0.0.0/8 and only a file /etc/powerdns/pdns.d/bind.conf in /etc/powerdns/pdns.d launch=bind bind-config=/usr/local/bind-for-powerdns/etc/named.conf bind-supermaster-config=/var/lib/powerdns/supermaster.conf bind-supermaster-destdir=/var/lib/powerdns/zones.slave.d /var/lib/powerdns/supermaster.conf is an empty file and /var/lib/powerdns/zones.slave.d is an empty dir revelant info in is: key "rndc-key" { algorithm hmac-md5; secret "base64secret"; }; zone "gcn.systems" { type master; file "/usr/local/bind-for-powerdns/var/cache/bind/db.gcn.systems"; allow-update { key rndc-key; }; allow-transfer { key rndc-key; }; }; root@strongswan-lab:~# cat /usr/local/bind-for-powerdns/var/cache/bind/db.gcn.systems $ORIGIN . $TTL 907200 ; 1 week 3 days 12 hours gcn.systems IN SOA cortex.gcn-lab.fr. root.gcn.systems. ( 440431 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 38400 ; minimum (10 hours 40 minutes) ) NS cortex.gcn-lab.fr. $TTL 10800 ; 3 hours A 217.70.184.38 MX 10 spool.mail.gandi.net. MX 50 fb.mail.gandi.net. $ORIGIN gcn.systems. $TTL 300 ; 5 minutes cassandra-0-azure-terraformtesting-aks A <ip_masked> chef-azure-terraformtesting-aks A <ip_masked> haproxy-0-azure-terraformtesting-aks A <ip_masked> haproxy-1-azure-terraformtesting-aks A <ip_masked> influxdb-azure-terraformtesting-aks A <ip_masked> kafka-0-azure-terraformtesting-aks A <ip_masked> vpngw-azure-terraformtesting-aks A <ip_masked> Note: cortex.gcn-lab.fr is the actual bind nameserver i took zone file from Thanks for helping best regards BENOIT Frederic
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users