[Pdns-users] zone configuration
donaldbjames at suddenlinkmail.com
Wed Jan 5 14:57:51 UTC 2011
Hi Imre,

I too am just another user and I don't work for PowerDNS.

The IP addresses of the slave servers are as follows:

ns1.twisted4life.com. ['202.157.182.142'] [TTL=172800]
b.ns.buddyns.com. ['173.244.206.26'] [TTL=172800]
c.ns.buddyns.com. ['82.130.104.115'] [TTL=172800]

I am wondering where to enter the IP addresses of the slave servers in
the pdns.conf. Or, are the IP addresses of the slave servers entered
somewhere in the zone files?

Yes, that machine has pdns installed on it and it is a master.

I have set up this machine as a router. It has two network interface
cards in it.

I test it by going to my domain name registrar and changing the static
IP. Then I see if the slave zone files get updated. Here's where the
problem lies. The slave zone files don't get updated. The slaves are
trying to respond to the previous static IP.

Regards,

Don James

On 1/5/2011 2:28 AM, Imre Gergely wrote:
>
> I'm still not sure what your setup is... You say that you have a machine
> directly connected to the internet with static IP address. Does that
> machine have pdns installed on it, and it's a master, or how is it
> exactly? Because in the pdns.conf I see only 192.168.1.1 . What IP
> addresses do the slaves have, how do you test it exactly? Some more
> details please.
>
> Mind you, I don't actually WORK for powerdns, I'm just another user :)
>
> On Tue, 04 Jan 2011 16:22:16 -0600, donaldbjames at suddenlinkmail.com wrote:
>> Hi Imre,
>>
>> Here are my config files:
>> pdns.conf:
>>
>> # Autogenerated configuration file template
>> #################################
>> # allow-axfr-ips Allow zonetransfers only to these subnets
>> #
>> # allow-axfr-ips=0.0.0.0/0
>>
>> #################################
>> # allow-recursion List of subnets that are allowed to recurse
>> #
>> # allow-recursion=0.0.0.0/0
>> allow-recursion=192.168.1.0/24
>> #################################
>> # allow-recursion-override Set this so that local data fully overrides the recursor
>> #
>> # allow-recursion-override=no
>>
>> #################################
>> # cache-ttl Seconds to store packets in the PacketCache
>> #
>> # cache-ttl=20
>>
>> #################################
>> # chroot If set, chroot to this directory for more security
>> #
>> # chroot=
>>
>> #################################
>> # config-dir Location of configuration directory (pdns.conf)
>> #
>> # config-dir=/usr/local/etc
>>
>> #################################
>> # config-name Name of this virtual configuration - will rename the binary image
>> #
>> # config-name=
>>
>> #################################
>> # control-console Debugging switch - don't use
>> #
>> # control-console=no
>>
>> #################################
>> # daemon Operate as a daemon
>> #
>> # daemon=no
>>
>> #################################
>> # default-soa-name name to insert in the SOA record if none set in the backend
>> #
>> # default-soa-name=a.misconfigured.powerdns.server
>>
>> #################################
>> # default-ttl Seconds a result is valid if not set otherwise
>> #
>> # default-ttl=3600
>>
>> #################################
>> # disable-axfr Disable zonetransfers but do allow TCP queries
>> #
>> # disable-axfr=no
>>
>> #################################
>> # disable-tcp Do not listen to TCP queries
>> #
>> # disable-tcp=no
>>
>> #################################
>> # distributor-threads Default number of Distributor (backend) threads to start
>> #
>> # distributor-threads=3
>>
>> #################################
>> # do-ipv6-additional-processing Do AAAA additional processing
>> #
>> # do-ipv6-additional-processing=no
>>
>> #################################
>> # fancy-records Process URL and MBOXFW records
>> #
>> # fancy-records=no
>>
>> #################################
>> # guardian Run within a guardian process
>> #
>> # guardian=no
>>
>> #################################
>> # launch Which backends to launch and order to query them in
>> #
>> # launch=
>>
>> #################################
>> # lazy-recursion Only recurse if question cannot be answered locally
>> #
>> # lazy-recursion=yes
>>
>> #################################
>> # load-modules Load this module - supply absolute or relative path
>> #
>> # load-modules=
>>
>> #################################
>> # local-address Local IP addresses to which we bind
>> #
>> # local-address=0.0.0.0
>> local-address=192.168.1.1
>> #################################
>> # local-ipv6 Local IP address to which we bind
>> #
>> # local-ipv6=
>>
>> #################################
>> # local-port The port on which we listen
>> #
>> local-port=53
>>
>> #################################
>> # log-dns-details If PDNS should log DNS non-erroneous details
>> #
>> # log-dns-details=
>> log-dns-details=/var/log/pdns/pdns.log
>> #################################
>> # log-failed-updates If PDNS should log failed update requests
>> #
>> # log-failed-updates=
>>
>> #################################
>> # logfile Logfile to use (Windows only)
>> #
>> # logfile=pdns.log
>>
>> #################################
>> # logging-facility Log under a specific facility
>> #
>> # logging-facility=
>>
>> #################################
>> # loglevel Amount of logging. Higher is more. Do not set below 3
>> #
>> # loglevel=4
>>
>> #################################
>> # master Act as a master
>> #
>> # master=no
>> master=yes
>> #################################
>> # max-queue-length Maximum queuelength before considering situation lost
>> #
>> # max-queue-length=5000
>>
>> #################################
>> # max-tcp-connections Maximum number of TCP connections
>> #
>> # max-tcp-connections=10
>>
>> #################################
>> # module-dir Default directory for modules
>> #
>> # module-dir=/usr/local/lib
>>
>> #################################
>> # negquery-cache-ttl Seconds to store packets in the PacketCache
>> #
>> # negquery-cache-ttl=60
>>
>> #################################
>> # no-shuffle Set this to prevent random shuffling of answers - for regression testing
>> #
>> # no-shuffle=off
>>
>> #################################
>> # out-of-zone-additional-processing Do out of zone additional processing
>> #
>> # out-of-zone-additional-processing=yes
>>
>> #################################
>> # pipebackend-abi-version Version of the pipe backend ABI
>> #
>> # pipebackend-abi-version=1
>>
>> #################################
>> # query-cache-ttl Seconds to store packets in the PacketCache
>> #
>> # query-cache-ttl=20
>>
>> #################################
>> # query-local-address Source IP address for sending queries
>> #
>> # query-local-address=
>>
>> #################################
>> # query-logging Hint backends that queries should be logged
>> #
>> # query-logging=no
>>
>> #################################
>> # queue-limit Maximum number of milliseconds to queue a query
>> #
>> # queue-limit=1500
>>
>> #################################
>> # recursive-cache-ttl Seconds to store packets in the PacketCache
>> #
>> # recursive-cache-ttl=10
>>
>> #################################
>> # recursor If recursion is desired, IP address of a recursing nameserver
>> #
>> # recursor=no
>> recursor=127.0.0.1
>> #################################
>> # send-root-referral Send out old-fashioned root-referral instead of ServFail in case of no authority
>> #
>> # send-root-referral=no
>>
>> #################################
>> # setgid If set, change group id to this gid for more security
>> #
>> setgid=pdns
>>
>> #################################
>> # setuid If set, change user id to this uid for more security
>> #
>> setuid=pdns
>>
>> #################################
>> # skip-cname Do not perform CNAME indirection for each query
>> #
>> # skip-cname=no
>>
>> #################################
>> # slave Act as a slave
>> #
>> # slave=no
>>
>> #################################
>> # slave-cycle-interval Reschedule failed SOA serial checks once every .. seconds
>> #
>> # slave-cycle-interval=60
>>
>> #################################
>> # smtpredirector Our smtpredir MX host
>> #
>> # smtpredirector=a.misconfigured.powerdns.smtp.server
>>
>> #################################
>> # soa-expire-default Default SOA expire
>> #
>> # soa-expire-default=604800
>>
>> #################################
>> # soa-minimum-ttl Default SOA mininum ttl
>> #
>> # soa-minimum-ttl=3600
>>
>> #################################
>> # soa-refresh-default Default SOA refresh
>> #
>> # soa-refresh-default=10800
>>
>> #################################
>> # soa-retry-default Default SOA retry
>> #
>> # soa-retry-default=3600
>>
>> #################################
>> # soa-serial-offset Make sure that no SOA serial is less than this number
>> #
>> # soa-serial-offset=0
>>
>> #################################
>> # socket-dir Where the controlsocket will live
>> #
>> # socket-dir=/var/run
>>
>> #################################
>> # strict-rfc-axfrs Perform strictly rfc compliant axfrs (very slow)
>> #
>> # strict-rfc-axfrs=no
>>
>> #################################
>> # trusted-notification-proxy IP address of incoming notification proxy
>> #
>> # trusted-notification-proxy=
>>
>> #################################
>> # urlredirector Where we send hosts to that need to be url redirected
>> #
>> # urlredirector=127.0.0.1
>>
>> #################################
>> # use-logfile Use a log file (Windows only)
>> #
>> # use-logfile=no
>>
>> #################################
>> # version-string PowerDNS version in packets - full, anonymous, powerdns or custom
>> #
>> # version-string=full
>>
>> #################################
>> # webserver Start a webserver for monitoring
>> #
>> # webserver=no
>>
>> #################################
>> # webserver-address IP Address of webserver to listen on
>> #
>> # webserver-address=127.0.0.1
>>
>> #################################
>> # webserver-password Password required for accessing the webserver
>> #
>> # webserver-password=
>>
>> #################################
>> # webserver-port Port of webserver to listen on
>> #
>> # webserver-port=8081
>>
>> #################################
>> # webserver-print-arguments If the webserver should print arguments
>> #
>> # webserver-print-arguments=no
>>
>> #################################
>> # wildcard-url Process URL and MBOXFW records
>> #
>> # wildcard-url=no
>>
>> #################################
>> # wildcards Honor wildcards in the database
>> #
>> # wildcards=
>> ################################
>> launch=gmysql
>> gmysql-host=127.0.0.1
>> gmysql-user=root
>> gmysql-dbname=pdnstest
>> gmysql-password=doofus
>> ################################
>>
>>
>> ************* end of pdns.conf **************
>>
>> recursor.conf:
>>
>> # Copyright 1999-2006 Gentoo Foundation
>> # Distributed under the terms of the GNU General Public License v2
>> # $Header: /var/cvsroot/gentoo-x86/net-dns/pdns-recursor/files/recursor.conf,v 1.2 2007/06/08 22:28:14 swegener Exp $
>>
>> # Drop uid
>> setuid=nobody
>>
>> # Drop gid
>> setgid=nobody
>>
>> # Don't log queries
>> quiet=on
>>
>> # Local IP address to bind to
>> local-address=127.0.0.1
>>
>> # Local port to bind to
>> local-port=53
>>
>> # Change root for safety
>> # chroot=/var/lib/powerdns
>> *************************** end of recursor.conf ****************
>>
>> Let me know what you think.
>>
>> Regards,
>>
>> Don James
>>
>> On 1/1/2011 2:07 AM, Imre Gergely wrote:
>>>
>>> You will have to be a little more specific on this one... at least
>>> attach your config files so we can see where the problem could be.
>>> You are sure it's not a firewall issue, right?
>>>
>>> On 12/31/2010 04:16 AM, donaldbjames at suddenlinkmail.com wrote:
>>>> Hi,
>>>>
>>>> I have another question.
>>>>
>>>> On another computer that is connected directly to the internet and has a
>>>> static ip, I have the same powerdns configuration and I can't get the
>>>> SOA nameserver to respond to queries from the slave nameservers.
>>>>
>>>> Do you think the problem could be in pdns.conf?
>>>>
>>>> Any help would be greatly appreciated.
>>>>
>>>> Regards,
>>>>
>>>> Don James
>>>>
>>>> On 12/29/2010 12:59 AM, Imre Gergely wrote:
>>>>>
>>>>> Hi
>>>>>
>>>>> For MNAME in the SOA record you should have your primary nameserver,
>>>>> like ns1.donaldbjames.info. It definitely should be one of the
>>>>> nameservers of the domain, one of these:
>>>>>
>>>>> ;; ANSWER SECTION:
>>>>> donaldbjames.info. 86332 IN NS b.ns.buddyns.com.
>>>>> donaldbjames.info. 86332 IN NS ns1.twisted4life.com.
>>>>> donaldbjames.info. 86332 IN NS ns1.donaldbjames.info.
>>>>> donaldbjames.info. 86332 IN NS ns2.afraid.org.
>>>>>
>>>>> The SOA should be something like:
>>>>>
>>>>> donaldbjames.info. 86400 IN SOA ns1.donaldbjames.info.
>>>>> donaldbjames.suddenlinkmail.com. 2010122811 10800 3600 604800 3600
>>>>>
>>>>> As for the recursor and auth server running at the same time, you must
>>>>> have them listen on two separate IP addresses if you want to run them
>>>>> both on port 53. This would be the recommended way.
>>>>> You could also have pdns-recursor listen on another port, say 53000 and
>>>>> then set the recursor= option in the auth server to forward requests to
>>>>> the recursor. This is not recommended but you can do it if you have a
>>>>> small site, or you just use the recursor on localhost. But then you
>>>>> could bind the recursor to 127.0.0.1 and the auth server to whatever
>>>>> other IP address you have on the box.
>>>>>
>>>>> On Tue, 28 Dec 2010 20:46:05 -0600, donaldbjames at suddenlinkmail.com wrote:
>>>>>> Hi folks,
>>>>>>
>>>>>> I managed to get powerdns configured and running. I used poweradmin
>>>>>> to enter the zone data for my SOA zones.
>>>>>>
>>>>>> However, when I check my configuration with http://www.intodns.com, I
>>>>>> get the following error:
>>>>>>
>>>>>> SOA MNAME entry WARNING: SOA MNAME (donaldbjames.info) is not
>>>>>> listed as a primary nameserver at your parent nameserver!
>>>>>>
>>>>>> My zone is donaldbjames.info. If you like, go to http://www.intodns.com
>>>>>> type in "donaldbjames.info" in the box at the top, click on "report",
>>>>>> wait a few minutes and then scroll down the page. You will see a
>>>>>> yellow box with a warning.
>>>>>>
>>>>>> I am at a loss to figure out what setting is missing in my powerdns
>>>>>> setup.
>>>>>>
>>>>>> Another thing: When I try to run the pdns-recursor, it won't start
>>>>>> while the SOA nameserver is running. They both bind to port 53. I
>>>>>> tried running the pdns-recursor on port 5300. It will start but won't
>>>>>> act as a caching nameserver.
>>>>>>
>>>>>> Any help would be greatly appreciated.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Don James
>>>>>>
>
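
The following added example is not part of the original thread and is not PowerDNS code. It checks the two settings in the quoted pdns.conf that decide whether the listed slaves can reach the master and transfer the zone, `allow-axfr-ips` and `local-address`. The finding names, the `RESTRICTED` sample and the placeholder address 203.0.113.10 are assumptions made for illustration.

```python
import ipaddress
import re

# Slave addresses exactly as listed in the message above.
SLAVES = ["202.157.182.142", "173.244.206.26", "82.130.104.115"]
# Defaults taken from the commented-out lines of the quoted template.
DEFAULTS = {"allow-axfr-ips": "0.0.0.0/0", "local-address": "0.0.0.0"}
# Constructed excerpt: the active settings of the quoted pdns.conf that matter here.
POSTED = "master=yes\nlocal-address=192.168.1.1\nlocal-port=53\n"
# Constructed alternative; 203.0.113.10 is a documentation placeholder,
# not the poster's real static address (the thread never states it).
RESTRICTED = ("master=yes\nlocal-address=203.0.113.10\n"
              "allow-axfr-ips=202.157.182.142,173.244.206.26,82.130.104.115\n")
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_conf(text):
    """Return effective settings: template defaults overridden by active lines."""
    settings = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            settings[key.strip()] = value.strip()
    return settings

def split_list(value):
    """Split a comma- or space-separated address list."""
    return [v for v in re.split(r"[,\s]+", value) if v]

def is_internal(addr):
    return any(addr in net for net in INTERNAL)

def audit(settings, slaves=SLAVES):
    """Return a sorted list of finding codes for zone-transfer exposure."""
    findings = set()
    slave_ips = [ipaddress.ip_address(s) for s in slaves]
    nets = [ipaddress.ip_network(n, strict=False)
            for n in split_list(settings["allow-axfr-ips"])]
    if any(n.prefixlen == 0 for n in nets):
        findings.add("axfr-open-to-any-address")
    for s in slave_ips:
        if not any(s in n for n in nets):
            findings.add(f"slave-not-in-allow-axfr-ips:{s}")
    binds = [ipaddress.ip_address(a) for a in split_list(settings["local-address"])]
    # Heuristic: ignores NAT or port forwarding in front of the server.
    if all(is_internal(b) for b in binds) and not all(is_internal(s) for s in slave_ips):
        findings.add("listening-only-on-internal-address")
    return sorted(findings)

if __name__ == "__main__":
    print("posted:    ", audit(parse_conf(POSTED)))
    print("restricted:", audit(parse_conf(RESTRICTED)))
```
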