<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Thank you for this response, I learned something new. I do have one other question in regards to DNSSEC. If I enable dnssec in the pdns.conf file for later use will all zones that are not “secured” be broken?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">The reason that I am asking this is that I had enabled it and had some significant problems with my domains until I ran a ‘pdnssec secure-zone xyz.com’ command on some of the domains that were giving me a problem
(with no authoritative name server errors) after I realized that this was the case, I removed the gmysql-dnssec from the .conf file and restarted pdns. This seemed to clear everything up. I am not using dnssec now but I intend to implement it once I
know more about it. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Any Ideas?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Hoy.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> pdns-users-bounces@mailman.powerdns.com [mailto:pdns-users-bounces@mailman.powerdns.com]
<b>On Behalf Of </b>Hoy Henry<br>
<b>Sent:</b> Wednesday, October 30, 2013 9:35 AM<br>
<b>To:</b> pdns-users@mailman.powerdns.com<br>
<b>Subject:</b> [Pdns-users] Wondering if this will work.<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Good Day.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I am working with CentOS 6.4, PowerDNS 3.12.e16. on a mysql backend all on one box. No DNSSEC. Binary was provided through yum and epel. Installed myself yesterday.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">It is my intent that this server will serve as a Primary Authoritative Name Server for some 200-300 domains already running on an old failing BIND server. I Intend to bring up a slave PDNS server today and hook-up mysql replication. The
original Primary BIND server died a few weeks ago and everything was failed over to the secondary (NS2) leaving a vacancy of what I will call NS1.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The person that was maintaining this setup left shortly after the problem occurred and I am the new guy trying to get things up and running as stable as possible. I was able to export all of the zones from the remaining BIND server (NS2)
and import those into the new MySQL backend. I have PowerDNS Webinterface Version 1.5.3 installed and everything looks pretty good. I am able to dig and query the servers records I think, just fine.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">My intent with this is to shut down my current NS2 BIND server and cutover to the new environment with the fresh NS1 and NS2 PDNS installs. With this, I would LIKE to re IP NS1 and NS2 to different addresses when the cutover happens.
If I do this, will this be a problem? Do I need to change the IP addresses on the Current NS2 (And NS1 Entry in DNS) and let those records propagate before making the cutover? Am I over thinking this? I just don’t want to cause a catastrophe by making
this change…..I’m kind “unseasoned” at a lot of this sort of thing. Anything I missed that I should be worried about?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">As a secondary question, what would be the proper IPTABLE rules to allow the communication of DNS to happen? I will not be using recursion with these servers for dns lookups.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Any help would be greatly appreciated. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hoy.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>