[Pdns-users] PowerDNS Recursor (+PDNS?) and auto-update of local hostname DNS

2020-10-16 Thread Nicholas Williams via Pdns-users
Hello all,

For background/context, I currently run a geographically-dispersed PowerDNS 
infrastructure with a MySQL backend publicly, and then on a private network I 
run PowerDNS Recursor for name resolution.

My router software is VyOs, which is the base OS on 
which UniFi’s router software is based. It is set up to push out the IP 
addresses for my PowerDNS Recursor servers with DHCP assignments. Recursor has 
a single authoritative domain for which it uses a hand-coded zone file to serve 
out the static IPs for all the known hostnames on the internal network. It 
recurses all other domains. 

I know that when hosts get DHCP assignments, they can tell the DHCP server what 
their hostname is, and the DHCP server can do “something” with that. As much as 
I know about DNS, I find myself not knowing what this protocol is called or how 
it works. What I would like to do is add/update that host name to the 
authoritative local domain. I don’t think I can do this with just Recursor (but 
maybe I’m wrong). I think I will probably need to also run an Authoritative 
server and point Recursor to that server for the local domain.

What I am looking for are any suggestions, tutorials, documentation, or 
write-ups about how to do this. I think I can probably hack a non-standard 
solution with a Lua script that runs on my router to execute a command to 
update a host MySQL record every time a DHCP assignment happens, but I am 
hoping that there is an accepted/standard/common way of doing this that I don’t 
know about.

Thoughts?

Thanks,

Nick
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users


Re: [Pdns-users] Pdns master-slave replication issue

2020-10-16 Thread Satish Patel via Pdns-users
This is what I found: I changed the port (local-port=5300) to 53 and
stopped pdns-recursor (this was also running on 53), then my replication
worked fine without any issue, but it doesn't work with port 5300. I
have production pdns running on the 4.1.1 version, which has no issue.
Looks like 4.3.1 has some strange bug and doesn't like port 5300.

I need pdns-recursor because I am using a forwarder to other DNS also.

On Fri, Oct 16, 2020 at 3:25 PM Satish Patel wrote:
>
> Thanks for reply, I do have whitelisted slave IP (whole subnet
> 10.64.0.0/21) and I am not using TSIG at this point because it's
> internal DNS (not looking for any security at this point)
>
> My master config:
>
> setuid=pdns
> setgid=pdns
> launch=bind
> allow-axfr-ips=10.64.0.0/21
> allow-dnsupdate-from=127.0.0.0/8,10.64.0.0/21,::1
> also-notify=10.64.0.11:5300
> only-notify=
> api=yes
> api-key=
> disable-axfr=no
> dnsupdate=yes
> local-port=5300
> log-dns-details=yes
> log-dns-queries=yes
> master=yes
> webserver=no
> launch=gmysql
> gmysql-host=localhost
> gmysql-user=pdns-admin
> gmysql-password=XXX
> gmysql-dbname=pdns
>
> My Slave config:
>
> setuid=pdns
> setgid=pdns
> launch=bind
> allow-notify-from=10.64.0.10/32
> allow-dnsupdate-from=10.64.0.10/32
> api=no
> disable-axfr=no
> dnsupdate=yes
> local-port=5300
> log-dns-details=yes
> log-dns-queries=yes
> loglevel=999
> master=no
> slave=yes
> superslave=yes
> slave-cycle-interval=60
> webserver=no
> launch=gmysql
> gmysql-host=localhost
> gmysql-user=pdns-admin
> gmysql-password=XX
> gmysql-dbname=pdns
>
> MySQL supermaster
>
> MariaDB [pdns]> select * from supermasters;
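> +------------+---------------------+---------+
> | ip         | nameserver          | account |
> +------------+---------------------+---------+
> | 10.64.0.10 | ns2.foo.example.net | admin   |
> +------------+---------------------+---------+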
>
> On Fri, Oct 16, 2020 at 2:54 PM Michael Rommel wrote:
> >
> > Hi,
> >
> > you could look at the config whether you have whitelisted the ip of the 
> > slave on the master for zone transfers (AXFR).
> >
> > Secondly, if you have configured, that only signed transfers are allowed, 
> > look whether the correct TSIG keys are configured on master and slave.
> >
> > HTH,
> >
> >   Michael.
> >
> > --
> > Michael Rommel, Erlangen, Germany
> >
> > > On 16. Oct 2020, at 20:36, Satish Patel via Pdns-users wrote:
> > >
> > > Folks,
> > >
> > > I have installed fresh PowerDNS version pdns-4.3.1-1 on CentOS 8 and
> > > set up master-slave for replication. When I added a new zone on master
> > > I got the following error on slave server logs, any idea what is
> > > wrong?
> > >
> > > I did add a supermaster entry and SOA NS record etc. so I can confirm
> > > they are good and correct.
> > >
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: 1 slave
> > > domain needs checking, 0 queued for AXFR
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Received
> > > serial number updates for 1 zone, had 0 timeouts
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Domain
> > > 'foo.example.net' is empty, master serial 2020101603
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Initiating
> > > transfer of 'foo.example.net' from remote '10.64.0.10'
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Starting
> > > AXFR of 'foo.example.net' from remote 10.64.0.10
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to
> > > AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR
> > > chunk error: Server Failure (This was the first time. Excluding zone
> > > from slave-checks until 1602871343)


Re: [Pdns-users] Pdns master-slave replication issue

2020-10-16 Thread Satish Patel via Pdns-users
Adding powerdns mailing list.

On Fri, Oct 16, 2020 at 3:25 PM Satish Patel wrote:
>
> Thanks for reply, I do have whitelisted slave IP (whole subnet
> 10.64.0.0/21) and I am not using TSIG at this point because it's
> internal DNS (not looking for any security at this point)
>
> My master config:
>
> setuid=pdns
> setgid=pdns
> launch=bind
> allow-axfr-ips=10.64.0.0/21
> allow-dnsupdate-from=127.0.0.0/8,10.64.0.0/21,::1
> also-notify=10.64.0.11:5300
> only-notify=
> api=yes
> api-key=
> disable-axfr=no
> dnsupdate=yes
> local-port=5300
> log-dns-details=yes
> log-dns-queries=yes
> master=yes
> webserver=no
> launch=gmysql
> gmysql-host=localhost
> gmysql-user=pdns-admin
> gmysql-password=XXX
> gmysql-dbname=pdns
>
> My Slave config:
>
> setuid=pdns
> setgid=pdns
> launch=bind
> allow-notify-from=10.64.0.10/32
> allow-dnsupdate-from=10.64.0.10/32
> api=no
> disable-axfr=no
> dnsupdate=yes
> local-port=5300
> log-dns-details=yes
> log-dns-queries=yes
> loglevel=999
> master=no
> slave=yes
> superslave=yes
> slave-cycle-interval=60
> webserver=no
> launch=gmysql
> gmysql-host=localhost
> gmysql-user=pdns-admin
> gmysql-password=XX
> gmysql-dbname=pdns
>
> MySQL supermaster
>
> MariaDB [pdns]> select * from supermasters;
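> +------------+---------------------+---------+
> | ip         | nameserver          | account |
> +------------+---------------------+---------+
> | 10.64.0.10 | ns2.foo.example.net | admin   |
> +------------+---------------------+---------+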
>
> On Fri, Oct 16, 2020 at 2:54 PM Michael Rommel wrote:
> >
> > Hi,
> >
> > you could look at the config whether you have whitelisted the ip of the 
> > slave on the master for zone transfers (AXFR).
> >
> > Secondly, if you have configured, that only signed transfers are allowed, 
> > look whether the correct TSIG keys are configured on master and slave.
> >
> > HTH,
> >
> >   Michael.
> >
> > --
> > Michael Rommel, Erlangen, Germany
> >
> > > On 16. Oct 2020, at 20:36, Satish Patel via Pdns-users wrote:
> > >
> > > Folks,
> > >
> > > I have installed fresh PowerDNS version pdns-4.3.1-1 on CentOS 8 and
> > > set up master-slave for replication. When I added a new zone on master
> > > I got the following error on slave server logs, any idea what is
> > > wrong?
> > >
> > > I did add a supermaster entry and SOA NS record etc. so I can confirm
> > > they are good and correct.
> > >
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: 1 slave
> > > domain needs checking, 0 queued for AXFR
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Received
> > > serial number updates for 1 zone, had 0 timeouts
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Domain
> > > 'foo.example.net' is empty, master serial 2020101603
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Initiating
> > > transfer of 'foo.example.net' from remote '10.64.0.10'
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Starting
> > > AXFR of 'foo.example.net' from remote 10.64.0.10
> > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to
> > > AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR
> > > chunk error: Server Failure (This was the first time. Excluding zone
> > > from slave-checks until 1602871343)


Re: [Pdns-users] Pdns master-slave replication issue

2020-10-16 Thread Michael Rommel via Pdns-users
Hi,

you could look at the config whether you have whitelisted the ip of the slave 
on the master for zone transfers (AXFR).

Secondly, if you have configured, that only signed transfers are allowed, look 
whether the correct TSIG keys are configured on master and slave.

HTH,

  Michael.

-- 
Michael Rommel, Erlangen, Germany

> On 16. Oct 2020, at 20:36, Satish Patel via Pdns-users wrote:
> 
> Folks,
> 
> I have installed fresh PowerDNS version pdns-4.3.1-1 on CentOS 8 and
> set up master-slave for replication. When I added a new zone on master
> I got the following error on slave server logs, any idea what is
> wrong?
> 
> I did add a supermaster entry and SOA NS record etc. so I can confirm
> they are good and correct.
> 
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: 1 slave
> domain needs checking, 0 queued for AXFR
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Received
> serial number updates for 1 zone, had 0 timeouts
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Domain
> 'foo.example.net' is empty, master serial 2020101603
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Initiating
> transfer of 'foo.example.net' from remote '10.64.0.10'
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Starting
> AXFR of 'foo.example.net' from remote 10.64.0.10
> Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to
> AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR
> chunk error: Server Failure (This was the first time. Excluding zone
> from slave-checks until 1602871343)

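Added example, not part of the original thread: a small Python helper that runs the first check suggested in the reply above (is the slave's address inside the master's allow-axfr-ips?) against the values posted in this thread, and extracts zone, remote, error and retry time from the failing log entry. The function names are hypothetical, the config and log strings are constructed from the thread's own text, and 10.64.0.11 is assumed to be the slave because it is the also-notify target.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample: master settings as posted in this thread.
MASTER_CONF = "allow-axfr-ips=10.64.0.0/21\nalso-notify=10.64.0.11:5300\nlocal-port=5300\n"

# Constructed sample: the failing slave log entry from the thread, re-joined.
SLAVE_LOG = (
    "Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to "
    "AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR "
    "chunk error: Server Failure (This was the first time. Excluding zone "
    "from slave-checks until 1602871343)\n"
)

AXFR_FAIL = re.compile(
    r"Unable to AXFR zone '(?P<zone>[^']+)' from remote '(?P<remote>[^']+)'"
    r".*?AXFR chunk error: (?P<error>[^(]+?) \(.*?until (?P<until>\d+)\)"
)


def parse_conf(text):
    """Parse key=value lines (hypothetical helper); skips blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf


def axfr_allowed(conf, client_ip):
    """True if client_ip is inside any network listed in allow-axfr-ips."""
    addr = ipaddress.ip_address(client_ip)
    nets = [n.strip() for n in conf.get("allow-axfr-ips", "").split(",") if n.strip()]
    return any(addr in ipaddress.ip_network(n, strict=False) for n in nets)


def axfr_failures(log_text):
    """Extract zone, remote, error and retry time (UTC) from AXFR failures."""
    return [
        {"zone": m["zone"], "remote": m["remote"], "error": m["error"],
         "retry_utc": datetime.fromtimestamp(int(m["until"]), tz=timezone.utc).isoformat()}
        for m in AXFR_FAIL.finditer(log_text)
    ]


if __name__ == "__main__":
    conf = parse_conf(MASTER_CONF)
    print("slave 10.64.0.11 allowed to AXFR:", axfr_allowed(conf, "10.64.0.11"))
    for failure in axfr_failures(SLAVE_LOG):
        print(failure)
```

With the thread's values the ACL check passes for 10.64.0.11, consistent with the poster's statement that the whole 10.64.0.0/21 subnet is whitelisted.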


[Pdns-users] Pdns master-slave replication issue

2020-10-16 Thread Satish Patel via Pdns-users
Folks,

I have installed fresh PowerDNS version pdns-4.3.1-1 on CentOS 8 and
set up master-slave for replication. When I added a new zone on master
I got the following error on slave server logs, any idea what is
wrong?

I did add a supermaster entry and SOA NS record etc. so I can confirm
they are good and correct.

Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: 1 slave
domain needs checking, 0 queued for AXFR
Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Received
serial number updates for 1 zone, had 0 timeouts
Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Domain
'foo.example.net' is empty, master serial 2020101603
Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Initiating
transfer of 'foo.example.net' from remote '10.64.0.10'
Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Starting
AXFR of 'foo.example.net' from remote 10.64.0.10
Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to
AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR
chunk error: Server Failure (This was the first time. Excluding zone
from slave-checks until 1602871343)