[Pdns-users] Shadow primary with LDAP backend--how to make authoritative?
John Morris
jman at ablesky.com
Sun Jun 1 10:39:14 UTC 2008
By the way, this is pdns 2.9.21 from the EPEL RPMs.
John
John Morris wrote:
> Our new DNS server, horseman.ablesky.com, is running in shadow primary
> mode for ablesky.com while I'm testing. It contains its zones in an
> LDAP backend, and is correctly answering queries that are in the
> database. Its own NS records (in LDAP) list horseman.ablesky.com as
> one of the nameservers for the zone, and horseman.ablesky.com is
> actually in the nameserver field of the SOA (again, in LDAP).
>
> The TLD nameservers currently delegate ablesky.com to the zoneedit.com
> nameservers. Later, when I am confident that horseman.ablesky.com and
> a secondary are functioning properly, we will switch the delegation to
> our own nameservers.
>
> When horseman.ablesky.com answers a query for a non-existent record in
> the zone, such as 'snthinoeth.ablesky.com', it sends back NXDOMAIN,
> but the authority section SOA contains the SOA from the zoneedit
> nameservers, not the SOA that is configured in LDAP. The AA flag is
> unset and the RD flag is set.
>
> Is this the expected behavior? I would like to see horseman returning
> a result with the AA flag set and the SOA that is configured in LDAP.
> Is there a way to get this behavior before delegating the ablesky.com
> domain to horseman?
>
> Thanks for any help. I'll gladly provide further details if needed.
>
> John
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
--
John Morris
Vice President, Asia-Pacific Region
AbleSky, Inc.
+86-10-8885-5525 ext. 102 (Beijing, China)
+1-650-694-7960 ext. 102 (Mountain View, CA)
More information about the Pdns-users
mailing list