Has anyone ever tried inserting presigned Zones via the PowerDNS API?
Ouch, I'd not want to have to do that...
Is an incoming XFR not an option? I know that works.
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
I want to make DNS-DHCP-LDAP services to be tied together.
Is it able to be achieved with PowerDNS?
There's not much information contained in your question, and I am going to make
the mistake of assuming: if your DHCP leases are to be registered in a PowerDNS
LDAP backend, I don't think the
Packet for 'mydomain.com' denied: Signature with TSIG key 'dhcpupdate' does
not match the expected algorithm (hmac-sha256 / hmac-md5.sig-alg.reg.int)
It appears from very light research (old-fashioned word for 'googling') that
opensense/pfsense used to support HMAC-MD5 only [1], and the above
So my questions are : where does the key-id (returned in DNSKEY
records) comes from and how I can get it from DB ?
The key tag (or key ID) of a DNSKEY record is not stored in the database; it is
a value which is calculated from the binary key; see RFC 4034, appendix B.
Using pdnsutil show the
Any suggestions?
show whether sip. has other data and don't obfuscate names.
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
You aren't reading what you're repeatedly being told; this list cannot offer
the level of knowledge you require.
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
I have the same question
before asking very general and extremely easy to search for questions on a
dedicated server mailing-list, have you considered actually learning a bit
about what you are about to do?
You will require at least basic DNS knowhow on authoritative servers and
recursive
* [1]Structured Logging has been implemented for almost all
subsystems. This allows for improved (automated) analysis of
logging information.
Is there any further documentation about this other than the link you added and the
"Logging" [2] section in the documentation?
What
Can you please advise how to configure Pdns Authoritative 4.5.4
master/slave replication?
You have not told us what your configuration looks like, what you've done,
which documentation you've studied, and which tests you've conducted.
-JP
dig @200.7.160.10 umsa.bo soa +norec
That server is responding authoritatively (flags: AA), which is fine.
Please, tell me How can I to change or to config PDNS to get SOA request.
by querying for the SOA request as you did above.
Running the command dig doesn't show
AUTHORITY SECTION and
dig @127.0.0.1 zone-name.bo soa +norec
zone-name.bo is NXDOMAIN.
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
And don't forget that there is the ALIAS pseudo resource record for
this purpose.
Actually I purposesly forget ALIAS as it's nonstandard. :)
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
CNAME @ APEX questions:
There is no such thing. "No CNAME and other data" is the rule.
Fired off too quickly. RFC 1912 2.4 clarifies this [1]
-JP
[1] https://www.ietf.org/rfc/rfc1912.txt
___
Pdns-users mailing list
Does PowerDNS load all of the zones into memory, and then start
serving (like BIND), or does it load each zone and start serving said
zone immediately upon load (like KNOT)?
Neither nor. It waits for a query and then goes to the backend to search
for an answer to that query, unless the answer
I don't like to compare pDNS with Bind, but ZSK Rollover is built in since Bind
9.7.
BIND's key rollover "automation" was such that keys had to be created and a
rollover could then be kicked; alternatively timing information in the key
metadata ensured that.
Be that as it may, comparing BIND
Indeed, PowerDNS produces RRSIGs on the fly
I forgot to mention: query your primary server with `dig .. +dnssec`,
and you should see the RRISGs.
-JP
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
My question is: Why RRSIG registers are missing on my primary server?
They aren't missing. :-)
If you look carefully at the zone as it was transferred to your
secondaries, you will see the RRSIGs, so they must have come from
somewhere, right, particularly as the zone is indicated as being
For Letsencrypt protocol to generate certificate I have to enable zone
transfer in my powerdns.
I think you mean "DNS Updates" for Let's Encrypt dns-01, but I don't
believe these are possible in PowerDNS with the LDAP backend.
-JP
___
Please, mr. troll, go somewhere else
Insulting Ruben is not going to get you very far in your quest for help.
-JP
[1] https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/
___
Pdns-users mailing list
19 matches
Mail list logo