[Pdns-users] Shadow primary with LDAP backend--how to make authoritative?
John Morris
jman at ablesky.com
Sun Jun 1 10:36:22 UTC 2008
Our new DNS server, horseman.ablesky.com, is running in shadow primary
mode for ablesky.com while I'm testing. It contains its zones in an
LDAP backend, and is correctly answering queries that are in the
database. Its own NS records (in LDAP) list horseman.ablesky.com as one
of the nameservers for the zone, and horseman.ablesky.com is actually in
the nameserver field of the SOA (again, in LDAP).
The TLD nameservers currently delegate ablesky.com to the zoneedit.com
nameservers. Later, when I am confident that horseman.ablesky.com and a
secondary are functioning properly, we will switch the delegation to our
own nameservers.
When horseman.ablesky.com answers a query for a non-existent record in
the zone, such as 'snthinoeth.ablesky.com', it sends back NXDOMAIN, but
the authority section SOA contains the SOA from the zoneedit
nameservers, not the SOA that is configured in LDAP. The AA flag is
unset and the RD flag is set.
Is this the expected behavior? I would like to see horseman returning a
result with the AA flag set and the SOA that is configured in LDAP. Is
there a way to get this behavior before delegating the ablesky.com
domain to horseman?
Thanks for any help. I'll gladly provide further details if needed.
John
More information about the Pdns-users
mailing list