Re: [Pdns-users] Newbie questions
On 11/08/2017 17:18, Rokkhan wrote: I am using SLES 12 SP1. The only repositories I have found are for 4.0.X version. Is there any repo for 4.1.X in SLES? 4.1.x hasn't actually been released yet (alpha currently), so for a production system install 4.0.x. What I mean is, don't rely on the recursor function in pdns authoritative, because when you do upgrade to 4.1.x it won't be there any more. Best practice is to run separate recursive and authoritative servers. Regards, Brian. ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Newbie questions
Hi Brian, Yes, the auth server will not be reachable from internet it will be only for internal purposes. I mean, better performance than configure auth server to answer client queries and if there is not an internal record forward them to the recursor and finally to internet dns server, like I have seen in the configuration guide. I am using SLES 12 SP1. The only repositories I have found are for 4.0.X version. Is there any repo for 4.1.X in SLES? Greetings 2017-08-11 9:53 GMT+02:00 Brian Candler : > On 11/08/2017 08:42, Rokkhan wrote: > >> Hi, >> >> I am installing pdns auth an recursor on my server to make some tests but >> I have a question. Could it be possible to configure recursor to handle all >> the request from computers and configure only to forward internal domains >> to auth server? >> > Yes. Look at the "forward-zones" and "forward-zones-file" options. > https://doc.powerdns.com/md/recursor/settings/ > > Does it make sense? >> > Yes if you have internal-only domains which are not visible on the public > Internet (i.e. there are no NS records pointing to the authoritative > nameservers, and/or the authoritative nameservers are not reachable from > the Internet) > > >> Since the recursor has a cache to store dns queries, wouldn´t be a better >> performance solution? >> >> A better performance solution than what? > > You cannot simply point the clients directly at an authoritative server; > you must point them at a recursor. Actually, pdns authoritative used to > have a built-in recursor option, but this was removed in 4.1.0. > > https://doc.powerdns.com/md/authoritative/recursion/ > > One final hint: if you're on Ubuntu 16.04, make sure that you're not using > the pdns auth server in the Ubuntu repositories. It is an alpha release > which is buggy. Use the repositories at https://repo.powerdns.com/ > > HTH, > > Brian. > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Newbie questions
On 11/08/2017 08:42, Rokkhan wrote: Hi, I am installing pdns auth an recursor on my server to make some tests but I have a question. Could it be possible to configure recursor to handle all the request from computers and configure only to forward internal domains to auth server? Yes. Look at the "forward-zones" and "forward-zones-file" options. https://doc.powerdns.com/md/recursor/settings/ Does it make sense? Yes if you have internal-only domains which are not visible on the public Internet (i.e. there are no NS records pointing to the authoritative nameservers, and/or the authoritative nameservers are not reachable from the Internet) Since the recursor has a cache to store dns queries, wouldn´t be a better performance solution? A better performance solution than what? You cannot simply point the clients directly at an authoritative server; you must point them at a recursor. Actually, pdns authoritative used to have a built-in recursor option, but this was removed in 4.1.0. https://doc.powerdns.com/md/authoritative/recursion/ One final hint: if you're on Ubuntu 16.04, make sure that you're not using the pdns auth server in the Ubuntu repositories. It is an alpha release which is buggy. Use the repositories at https://repo.powerdns.com/ HTH, Brian. ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Newbie questions
Hi Rokkhan, I am installing pdns auth an recursor on my server to make some tests but I have a question. Could it be possible to configure recursor to handle all the request from computers and configure only to forward internal domains to auth server? Does it make sense? Yes, in any case. Regards, Winfried ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users