bert hubert wrote:
Perhaps a question for everybody.. How do make yure you have enough
*good* random for (frequent) key generation for (many) different
zones?
I've heard good things about http://www.entropykey.co.uk/ .
This is a sort of halfway solution - I'd not suggest just using
Thomas Andrews wrote:
Can anybody point me at some documentation about what is supposed to go
into the various fields in the db?
Specifically what is the purpose of the 'domains' table?
In the 'records' table, I understand what the obvious fields are, but
what is 'domain_id', 'prio', and
Chris Hesselrode wrote:
When setting pdns recursor to use an IPv4 and IPv6 address (comma separated
in local-ip)
the server doesn't respond to queries over IPv6.
Any quick tips to look at?
This sounds like an exact dupe of the problem Marten Lehmann had just this
week...
Greets,
John Macleod wrote:
This is slightly unspecific to pdns...
I am looking for a script to test the current delegation of zones
within our pdns installation.
Effectively...
- Grab zone out of db
- Poke root...
- Poke parent
- NS is one of our IPs, yes or no
Searches have yielded
Erik Weber wrote:
Some other things to consider why running PDNS is better:
[...]
Just shooting in with a feature that I just came to remember.
6) Fancy records.
3.0 doesn't support fancy records any more.
http://doc.powerdns.com/fancy-records.html
Mit freundlichen Grüßen,
Sebastian
--
Enrico van Goor wrote:
Aug 25 13:22:44 Unable to find backend willing to host example.org for
potential supermaster 10.12.3.50
The IP of the nameserver isn't is the NS records of the domain and
isn't meant to. When I do add the NS record, the AXFR does work.
The supermasters table
Ton van Rosmalen wrote:
snip
mysql select * from supermasters;
++--+-+
| ip | nameserver | account |
++--+-+
| 10.12.3.50 | master.example.com | admin |
Enrico van Goor wrote:
snip
mysql select * from supermasters;
++--+-+
| ip | nameserver | account |
++--+-+
| 10.12.3.50 | master.example.com | admin |
Maysara A. Abdulhaq wrote:
[http://code.google.com/p/powerdns-webinterface/]
It looks nice, but i noticed that the created users can freely
create domains, it would be nice if users can be assigned domains
they can modify , but not necessarily create new ones.
Yes, that would be nice.
But
Timo Witte wrote:
[http://code.google.com/p/powerdns-webinterface/ vs. multi-tenancy]
But, if both resellers use the same DNS Server, it would get a little
complicated, because you can´t tell when the domain should be moved. I
solution for this would be a active flag for the domain. So only 1
Florian Obser wrote:
With the possibility to say use this database backend for private
key material only, I could use another databse backend to store
the signed zones, replicate this database and nonetheless neither
powerdns doesn't store signatures in the database backend when running
Brouwer, Onno wrote:
Does anyone know whether it is possible to use PowerDNS to build a persistent
DNS cache?
What exactly do you unterstand to be a persistent DNS cache?
Ideas come to my mind including querylogging, automatic ressource
record extraction, revision control systems, lua
Jan-Piet Mens wrote:
Works perfectly, but what about updating the serial number for
the zone in the SOA record?
In an SQL master/slave setup I can't think of a reason
that it would matter. Any thoughts on that?
I tend to agree that if you're using PowerDNS exclusively as mentioned,
a b wrote:
Nevertheless, in my experience, this should be handled by the pdns software.
I'm thinking that if pdns supermaster is capable of persuading a superslave
to become a slave for a domain, and then a transfer takes place, would it not
be logical to expect that when said domain is
Many protocols for distribution of data have a certain ordering and an
acknowledgement
mechanism. NOTIFY does have an acknowledgement mechanism (but PowerDNS
masters don't
do a lot with it) but no ordering. It's easier to lose things with NOTIFY
than with
other replication
So it can be done then? Use NOTIFY and not have data loss on the slaves?
A packet lost in transit is not data loss on slave. If the data
never gets there, slave can't lose it. Inconsistency would be more
of a correct term here.
Such inconsistencies can be monitored for very well, and if you
Marc Haber wrote:
Odhiambo Washington wrote:
Does PowerDNS support views, in some way?
If you look for something that is the same as bind views, the answer
is no, unfortunately. Same goes for ACLs.
Thinking about this again, one could easily achieve such a result with
a combination of
Aki Tuomi wrote:
On Wed, Jun 19, 2013 at 10:14:56AM +0200, Marc Haber wrote:
On Wed, Jun 19, 2013 at 09:18:42AM +0300, Aki Tuomi wrote:
Another method that has been used has been to setup a record like
*.monitoring.example.com IN A 127.0.0.1
and then ask stuff like dig `date
If test.annoying.com is a domain on its own; then there MUST be
a SOA record (it is kind of the domains identity), then you can
AXFR the domain (given that NS records are present, too).
If test.annoying.com is NOT a domain on its own, no SOA is needed,
But then you can NOT AXFR
Hi,
Does pdns currently implement RFC6303 (Locally Served DNS Zones)?
Couldn't find anything about it in the docs..
If not, are there future plans to implement it?
Kind regards,
Sebastian
--
Sebastian Posner
Unix-Systemspezialist
Deutsche Telekom AG, Products Innovation
Es hat einmal einer
Providing your config for both recursor and authoritative would be rather
helpful ;)
Mit freundlichen Grüßen,
Sebastian
--
Sebastian Posner
Unix-Systemspezialist
Deutsche Telekom AG, Products Innovation
Es hat einmal einer gesagt, das geht nicht. Dann kam einer, der wusste das
nicht und hat
Hi,
Is there a command option for pdns_control or pdnssec that
artificially bumps the zone serial in a native zone setup,
e.g. to test proper notification an replication behaviour?
Should trigger the same action that is launched when a zone
is resigned.
Kind regards,
Sebastian
--
Sebastian
Did you execute pdnssec secure-zone .. only on the master or on the slaves,
too?
What does the query
---
select type from domains where name=concepthouse.nl;
---
produce as output when issued on all of the backend-databases?
Kind regards,
Sebastian
--
Sebastian Posner
Unix-Systemspezialist
All records transfer just
fine...except for the Autodiscover SRV record. The record itself
registers correctly:
_autodiscover._tcp.testing29.com SRV 0 443
autodiscovery.testing29.com 14400 0
but...Powerdns splits the SRV record and produces an extra record/row
in the database,
Hi,
Is there a specific reason (but sheer oversight) for e.g.
http://downloads.powerdns.com/releases/deb/ not being a apt-compatible
repository?
It seems the needed script is even present in that directory but hasn't been
executed for about 10 years now.. xD
This would make automatic
The allowed NULL in type is NOT optional. Exactly for these purposes
(empty-non-terminals).
Powerdns automatically creates filler records with type=NULL if you e.g.
create record a.b.c.bla in domain c.bla without any record present for b.c.bla.
IOW: If your software is designed to work on a
Thomas Mieslinger wrote:
the documentation is not clear about how to allow more than one ip or
range in the ALLOW-2136-FROM domainmetadata.
Are multiple ALLOW-2136-FROM domainmetadata Records honored for a
domain_id? Or should I space separate the allowed IPs in one record?
Quoting
Julian K. wrote:
There's your problem: not presigned. You need to set them
presigned
so that pdns knows they're signed and that it needs to send rrsig
records. To do this, you'll need to run
pdnssec set-presigned zone
I want the bindbackend to manage the keys and
NewWorld wrote:
It make sense but maybe it was not clear enough, I'm asking if it is
possible to forward the request for zone1.com to AD, even if powerdns
still have that zone1.com.
If your recursor is behind your authoritative, no way I'd say.
(that is, if your recursor is in the
Martin Chandler wrote:
Is it possible to modify the structure of the records table,
to add new fields?
You can add as many columns as you need; that will not interfere with
PowerDNS Auth operation. (You can also rename existing columns, but
you'd need to redefine the queries
30 matches
Mail list logo
