<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Testo normale Carattere";
margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
span.TestonormaleCarattere
{mso-style-name:"Testo normale Carattere";
mso-style-priority:99;
mso-style-link:"Testo normale";
font-family:"Calibri",sans-serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.NurText, li.NurText, div.NurText
{mso-style-name:"Nur Text";
mso-style-link:"Nur Text Zchn";
margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
span.NurTextZchn
{mso-style-name:"Nur Text Zchn";
mso-style-priority:99;
mso-style-link:"Nur Text";
font-family:Consolas;
mso-fareast-language:EN-US;}
span.StileMessaggioDiPostaElettronica22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.StileMessaggioDiPostaElettronica23
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.StileMessaggioDiPostaElettronica24
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 2.0cm 2.0cm 2.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=IT link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal><span style='color:#1F497D'>Hi Klaus,<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>thanks for you support.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Yes, the SERIAL is automatically increased after saving the change on the RR of the domain, on the powerdns-admin web gui. But after your explanation, I compared the notified_serial on the domains table with the the output of dig of the SOA RR of the same domain example.com.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>The SERIAL that I see via dig is correctly updated (2021072703) as the value indicated in the SOA RR on the records table; instead the notified_serial contains the old value (2021072703).<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Output of the dig command launched on HM:<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>; (1 server found)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; global options: +cmd<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; Got answer:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51857<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; WARNING: recursion requested but not available<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; OPT PSEUDOSECTION:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>; EDNS: version: 0, flags:; udp: 1232<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; QUESTION SECTION:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;example.com. IN SOA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; ANSWER SECTION:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>example.com. 86400 IN SOA dns.example.it. welcomeadmin.example.it. 2021072703 86400 1800 2592000 3600<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; Query time: 2 msec<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; SERVER: 10.131.239.114#53(10.131.239.114)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; WHEN: Tue Jul 27 23:37:16 CEST 2021<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>;; MSG SIZE rcvd: 109<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>MariaDB [pdns]> select * from domains where name like 'example.com';<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+------+-------------+--------+------------+--------+-----------------+---------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| id | name | master | last_check | type | notified_serial | account |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+------+-------------+--------+------------+--------+-----------------+---------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| 6344 | example.com | | NULL | MASTER | 2021072601 | |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+------+-------------+--------+------------+--------+-----------------+---------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>1 row in set (0.000 sec)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>MariaDB [pdns]> select * from records where name like 'example.com';<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+--------+-----------+-------------+------+---------------------------------------------------------------------------------------+-------+------+----------+-----------+------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| id | domain_id | name | type | content | ttl | prio | disabled | ordername | auth |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+--------+-----------+-------------+------+---------------------------------------------------------------------------------------+-------+------+----------+-----------+------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| 380536 | 6344 | example.com | MX | mail.example.it | 900 | 10 | 0 | NULL | 1 |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| 380537 | 6344 | example.com | NS | dns.example.it | 3600 | 0 | 0 | NULL | 1 |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| 380538 | 6344 | example.com | NS | dnsslave.example.it | 3600 | 0 | 0 | NULL | 1 |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>| 380539 | 6344 | example.com | SOA | dns.example.it welcomeadmin.example.it 2021072703 86400 1800 2592000 3600 | 86400 | 0 | 0 | NULL | 1 |<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>+--------+-----------+-------------+------+---------------------------------------------------------------------------------------+-------+------+----------+-----------+------+<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Courier New";color:#1F497D'>4 rows in set (0.000 sec)<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>So , in my scenario, even if the notified_serial is less than SOA RR SERIAL, the notification isn’t triggerd because I configured the HMs with master=no.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Based on your exaplanation, I understand that when I’ll put in service the new HM infrastructure, putting master=yes on them, the notification mechanism will work properly. Is it right?<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Best Regards<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Angelo<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='mso-fareast-language:IT'>Da:</span></b><span style='mso-fareast-language:IT'> Klaus Darilion [mailto:klaus.darilion@nic.at] <br><b>Inviato:</b> martedì 27 luglio 2021 22:25<br><b>A:</b> Angelo Colucci <angelo.colucci@vianova.it><br><b>Oggetto:</b> AW: [Pdns-users] - also-notify global configuration parameter - unclear behavior<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'>Hi Angelo!<o:p></o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'>Are you increasing the SERIAL in the SOA record of example.com?<o:p></o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'>With master=yes PowerDNS will regularly (I think every slave-check-intervall) compare the zone's SERIAL with the "notified_serial" column in the domains table - and only if the SERIAL in the records table is higher PowerDNS will send NOTIFYs and then update the notified_serial in the domains table.<o:p></o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'>regards<o:p></o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'>Klaus<o:p></o:p></span></p><p class=MsoNormal><span lang=DE-AT style='color:#1F497D'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=DE style='mso-fareast-language:DE-AT'>Von:</span></b><span lang=DE style='mso-fareast-language:DE-AT'> Pdns-users <<a href="mailto:pdns-users-bounces@mailman.powerdns.com">pdns-users-bounces@mailman.powerdns.com</a>> <b>Im Auftrag von </b>Angelo Colucci via Pdns-users<br><b>Gesendet:</b> Dienstag, 27. Juli 2021 22:19<br><b>An:</b> <a href="mailto:pdns-users@mailman.powerdns.com">pdns-users@mailman.powerdns.com</a><br><b>Betreff:</b> [Pdns-users] - also-notify global configuration parameter - unclear behavior<o:p></o:p></span></p></div></div><p class=MsoNormal><span lang=DE-AT><o:p> </o:p></span></p><p class=MsoPlainText>Hi,<o:p></o:p></p><p class=MsoPlainText>I'm configuring a new anycast dns authoritative infrastructure, composed by:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>- two Hidden Master with PowerDNS 4.5.0 with MySql backend<o:p></o:p></p><p class=MsoPlainText>- four Authoritative public nameserver (NSD 4.2.4/ Knot 3.0.8)<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>At the moment the two HMs are configured as secondary in the pdns.conf, they download (via AXFR/IXFR) the zones from the old dns auth infrastructure and they update the four slave nameservers. <o:p></o:p></p><p class=MsoPlainText>At the moment the slave nameservers don't announce yet the service ip address specified in the glue record.<o:p></o:p></p><p class=MsoPlainText>Any changes on the zones on the old dns nameservers are correctly delivered to the HMs and then to the slave nameservers (thanks to secondary-do-renotify globally enabled and also-notify that specifies the unicast ip addresses of the four slave nameservers).<o:p></o:p></p><p class=MsoPlainText>But In this scenario I'm experimenting an unclear behavior of the "also-notify" configuration parameter in pdns.conf, when i modify/add a RR on a test zone that is master on the HMs.<o:p></o:p></p><p class=MsoPlainText>In particular the test is the following:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>- I add the domain example.com as master on the two HM, as slave on the four slave nameservers.<o:p></o:p></p><p class=MsoPlainText>- I modify/add one RR on the example.com on the two HMs.<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>I'm expecting that all 4 nameservers will receive on their unicast-ip address the notification and they download via ixfr those changes (thanks to also-notify configuration parameter), but pdns on both HMs doesn't send any notification.<o:p></o:p></p><p class=MsoPlainText>In this case I force the notification with the following command launched from one of the HM:<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>pdns_control notify example.com<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Is it a normal behavior of also-notify or does it depends by the configuration of the HMs as secondary (so the notifications will be correctly generated when I’ll reconfigure the HMs as primary)? Otherwise, what did I forget in the pdns.conf?<o:p></o:p></p><p class=MsoPlainText><o:p> </o:p></p><p class=MsoPlainText>Thanks in advance for any help<o:p></o:p></p><p class=MsoPlainText>Angelo<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p></div></div></body></html>