Re: [Pdns-users] What is best practice with Primary and Secondary (multiple) PowerDNS Servers?
On 18/11/2020 04.04, Steven Garner via Pdns-users wrote:
> What is the accepted best practice with Primary and Secondary (multiple) PowerDNS Servers?
>
> Assume PowerDNS server is set up with a MySQL (or other) database back-end. With at least 2 servers each on different networks, should the master instance of PowerDNS and each slave instance query the same MySQL DB, or should each one have its own local MySQL DB?

If you have multiple instances that query the same database on a single database server, you don't have any redundancy, then why not just have a single DNS-server too?

MySQL supports replication, so I'd suggest running a replica of your DNS database along with your auth DNS server.

Should your master database server fail, you'll be unable to update your DNS records, but you'll still be able to answer DNS queries based on the replicas.

Best regards,
Jacob
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] What is best practice with Primary and Secondary (multiple) PowerDNS Servers?
On Tue, Nov 17, 2020 at 7:04 PM Steven Garner via Pdns-users <pdns-users@mailman.powerdns.com> wrote:
> What is the accepted best practice with Primary and Secondary (multiple)
> PowerDNS Servers?
>
> Assume PowerDNS server is set up with a MySQL (or other) database
> back-end. With at least 2 servers each on different networks, should the
> master instance of PowerDNS and each slave instance query the same MySQL
> DB, or should each one have its own local MySQL DB?
>

My 2 cents: Don't know if it's best practice, but we run local dbs on all replicas (and pretty sure that's very common). It's DNS, so it's nice to avoid the extra latency of talking to a remote database, and for us, the concurrency would be too high (we're web hosting, so it's a very random, only mildly cacheable dataset).

It's certainly extra administrative overhead to run dbs on every replica, but you get horizontal scaling out of the bargain.

If you have a small dataset (i.e. very very high cache hit rate, in which case you're hardly hitting the db), then a central db might work for you.

We run dnsdist in front of pdns auth too (love it btw). If your dataset is smallish (again, very cacheable), you might even consider running a bunch of frontend dnsdist instances talking to a small set of pdns auth backends (or a frontend recursor, but I like dnsdist better), to keep your mysql infrastructure smaller/tidier.

What does your DNS dataset look like? How many domains, how many records, how many dns reqs/sec?

[Pdns-users] What is best practice with Primary and Secondary (multiple) PowerDNS Servers?
What is the accepted best practice with Primary and Secondary (multiple) PowerDNS Servers?

Assume PowerDNS server is set up with a MySQL (or other) database back-end. With at least 2 servers each on different networks, should the master instance of PowerDNS and each slave instance query the same MySQL DB, or should each one have its own local MySQL DB?

(posted on https://superuser.com/questions/1603019/what-is-best-practice-with-primary-and-secondary-multiple-powerdns-servers )

Re: [Pdns-users] Question about Powerdns remote database backend best practices
Hi Thomas,

Thanks for your response on this!

IIUC, what you recommend is still having MySQL and PowerDNS created on one instance and scale the instance setup horizontally? If that’s the case, will the MySQL on the single node be bounded by its resources locally to scale when we have a lot of records?

Thanks.
Jianan.
--
Jianan Wang

Re: [Pdns-users] Question about Powerdns remote database backend best practices
The way to scale is to have a config management that allows easy setup of many servers running the MySQL + PDNS Stack.

On 11/17/20 10:47 AM, Jianan Wang via Pdns-users wrote:
> Hi there,
>
> Recently I’m trying out PowerDNS, and I’m really enjoying the flexibility and abundant API and PowerDNS admin UI compared to our regular bind deployment. I’m currently using a remote MySQL as backend to serve the request, and as recommended by the wiki, I use IP to avoid the Chicken-Egg problem when using DNS.
>
> However, one thing I’m wondering is how to make this IP-based remote backend solution more production ready. From what I have read on many tutorials online, most of the MySQL databases are set up locally, which I think is good for POC, but local is not scalable and easy to manage when database entries scale up. However, if we use an IP-based solution, normal corp database deployment will have master and slave, and it is hard to manage if we hardcode an IP, which is subject to change from master to slave or vice versa, in the config.
>
> Any suggestion or comment is welcome. Thanks in advance.
>
> Best regards.
> Jianan.
> --
> Jianan Wang

Re: [Pdns-users] recursor failing to pick up change in master .ca zone file
On Mon, 2020-11-16 at 16:17 +, Brian Candler via Pdns-users wrote:
> Or were you getting NXDOMAIN for the query (for a newly-created domain?)
> Negative answers are also cached. The .ca SOA record says they can be cached
> for one hour:
> ;; ANSWER SECTION:
> ca. 3585 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca.
> 2011161530 1800 900 3456000 3600

One could get even more unlucky:

$ for f in $(dig +short ns ca. | sort) ; do echo $f:$(dig +noall +auth a doesnotexist-234234234.ca @$f) ; done
any.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
c.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
j.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
x.ca-servers.ca.:ca. 86400 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600

1 of the 4 NSes (as seen from where I am) advertises a full day!

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

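Added example, not part of the message above: a Python check over output in the shape printed by that loop, flagging name servers whose authority-section SOA TTL (the value RFC 2308 has a resolver use as the negative-cache lifetime) differs from the others or exceeds the SOA MINIMUM field. The function names `parse_line` and `audit` are hypothetical; the sample lines are copied from the message.

```python
from collections import Counter

# "<server>:<authority-section SOA>" lines, copied from the output in the
# message above.
SAMPLE = """\
any.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
c.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
j.ca-servers.ca.:ca. 3600 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
x.ca-servers.ca.:ca. 86400 IN SOA prdpublish04.cira.ca. admin-dns.cira.ca. 2011171330 1800 900 3456000 3600
"""


def parse_line(line):
    """Return the SOA fields for one line, or None if the server gave no SOA."""
    server, _, rr = line.partition(":")
    f = rr.split()
    # owner ttl IN SOA mname rname serial refresh retry expire minimum
    if len(f) != 11 or f[2:4] != ["IN", "SOA"]:
        return None
    return {"server": server, "ttl": int(f[1]),
            "serial": int(f[6]), "minimum": int(f[10])}


def audit(text):
    """Compare the negative-answer SOA TTL advertised by each name server."""
    rows, no_answer = [], []
    for line in filter(str.strip, text.splitlines()):
        row = parse_line(line)
        if row is None:
            no_answer.append(line.partition(":")[0])
        else:
            rows.append(row)
    common = Counter(r["ttl"] for r in rows).most_common(1)
    majority = common[0][0] if common else None
    return {
        "majority_ttl": majority,
        # Servers that disagree with the TTL most servers hand out.
        "disagree": [(r["server"], r["ttl"]) for r in rows if r["ttl"] != majority],
        # RFC 2308: this TTL should be min(SOA TTL, SOA MINIMUM).
        "above_minimum": [r["server"] for r in rows if r["ttl"] > r["minimum"]],
        "serials": sorted({r["serial"] for r in rows}),
        "no_answer": no_answer,
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

A server that returns nothing (timeout or empty authority section) ends up in `no_answer` rather than being silently dropped from the comparison.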
[Pdns-users] Question about Powerdns remote database backend best practices
Hi there,

Recently I’m trying out PowerDNS, and I’m really enjoying the flexibility and abundant API and PowerDNS admin UI compared to our regular bind deployment. I’m currently using a remote MySQL as backend to serve the request, and as recommended by the wiki, I use IP to avoid the Chicken-Egg problem when using DNS.

However, one thing I’m wondering is how to make this IP-based remote backend solution more production ready. From what I have read on many tutorials online, most of the MySQL databases are set up locally, which I think is good for POC, but local is not scalable and easy to manage when database entries scale up. However, if we use an IP-based solution, normal corp database deployment will have master and slave, and it is hard to manage if we hardcode an IP, which is subject to change from master to slave or vice versa, in the config.

Any suggestion or comment is welcome. Thanks in advance.

Best regards.
Jianan.
--
Jianan Wang