[Pdns-users] Please Help me..Bert Hubert help me!!

Udo Rader udo.rader at bestsolution.at
Tue Jun 5 11:43:42 UTC 2007 

On Tue, 2007-06-05 at 10:35 +0000, Ale ***** wrote:
> Good Morning,
> 
> 
> Firstly I’m sorry for my english but I’m Italian. I read that you are one of 
> the principal author of PowerDNS so I hope that
> 
> you could help me. Cause university’s reasons I must change the architecture 
> now present. Simplify it, I have 2 DNS server,
> 
> a master (192.168.0.1)  and a slave (192.168.0.2) both use bind 9. I'd want 
> to have a third dns server (192.168.0.3) that use
> 
> PowerDNS. This third DNS server that use PowerDNS should be like a 
> supermaster. I'll try to explain better.  I’d like to
> 
> add new zone (records) or modify an existent zone (records)  and i'd want 
> that this changes are sended to master
> 
> DNS server and consequently to slave DNS server by refresh both use Bind 9. 
> So i'd want to have a "centralized" DNS
> 
> server that use powerDNS with i'd manage the other DNS server that use bind. 
> Is it possible using PowerDNS's
> 
> "supermaster option"?
> 
> Somebody told me that is it impossible because supermaster option doesn’t 
> work with other Dns
> 
> Server but all the Dns should use PowerDns and somebody also told me that 
> the one way to transfer domain between a dns
> 
> server that use powerdns and a dns server that use bind is AXFR. They told 
> me that  I should configure Powerdns in that
> 
> way:
> 
>             allow-axfr-ips=192.168.0.1 192.168.0.2
> 
> 
>             master=yes
> 
> 
>             slave=no
> 
> and configure Bind to take domain by AXFR from 192.168.0.3

what you essentially need is to allow your bind hosts to transfer the
zones managed in the central PDNS server (so allow-axfr-ips is the
correct way).

But transferral is not bidirectional, so if you want your bind hosts to
be updated by some (client) applications (like dhcp servers) you will
probably be lost. 

updates should always go the master dns server(s), in your case the PDNS
server. otherwise you might run into concurrency issues about who really
controls a domain.

the flow of data is like this:

client => sends update wish to master => master propagates changes to
slaves

-- 
Udo Rader

bestsolution.at EDV Systemhaus GmbH
http://www.bestsolution.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20070605/1a9528df/attachment-0001.sig>

More information about the Pdns-users mailing list