[Pdns-users] PowerDNS and notifies on bind backend

Marcin Deranek marcin.deranek at booking.com
Mon Nov 25 09:46:20 UTC 2013


Hi,

Recently I came across an interesting problem with notifies and the bind
backend. Our setup consists of a Bind master and PowerDNS 3.3 slaves.
PowerDNS slaves are configured with:

slave=yes
bind-config=/etc/pdns/bind.conf

statements. Zones are defined as:

zone "example.com" IN {
        type slave;
        file "slave/example.com.zone";
        masters { 10.0.0.1; };
};

The thing is that PowerDNS accepts all notifies and tries to process
them as they arrive. It accepts notifies for zones it doesn't know
about (not configured) from any host (not master). In such a scenario
I'm able to send a notify for zone foo.com from any host and PowerDNS will
try to get the SOA from the host which sent the notify. PowerDNS will wait up
to 3s and move on to the next notify. Sample log lines:

Nov 22 13:09:31 kvm-01 pdns[12772]: Received NOTIFY for foo.com from 10.146.69.21 for which we are not authoritative
Nov 22 13:09:35 kvm-01 pdns[12772]: Error resolving SOA or NS for foo.com at: 10.146.69.21: Timeout waiting for answer from 10.146.69.21

My question is: how do I disable such behaviour? I would like PowerDNS
to accept notifies for zones it knows about (configured using bind-config)
and only from defined masters.

Regards,

Marcin
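
A log audit for the behaviour described above, as an added example that is not part of the original message: it builds the (zone, master) allowlist from a bind-config stanza and reports each NOTIFY sender outside it, together with the SOA timeouts that followed. The config text and log lines are constructed in the formats quoted in the post, and the function names parse_masters and audit are hypothetical.

```python
import re
from collections import defaultdict

# Constructed bind-config, modelled on the zone stanza in the post.
BIND_CONF = '''zone "example.com" IN {
        type slave;
        file "slave/example.com.zone";
        masters { 10.0.0.1; };
};
'''
# Constructed syslog lines in the two message formats quoted in the post.
PRE, NA = "kvm-01 pdns[12772]: ", " for which we are not authoritative"
TO = ": Timeout waiting for answer from "
LOG_LINES = [
    f"Nov 22 13:09:31 {PRE}Received NOTIFY for foo.com from 10.146.69.21{NA}",
    f"Nov 22 13:09:35 {PRE}Error resolving SOA or NS for foo.com at: 10.146.69.21{TO}10.146.69.21",
    f"Nov 22 13:09:35 {PRE}Received NOTIFY for bar.com from 10.146.69.21{NA}",
    f"Nov 22 13:09:38 {PRE}Error resolving SOA or NS for bar.com at: 10.146.69.21{TO}10.146.69.21",
    f"Nov 22 13:10:02 {PRE}Received NOTIFY for foo.com from 10.0.0.1{NA}",
]
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{(.*?)\n\};', re.S)
MASTERS_RE = re.compile(r'masters\s*\{([^}]*)\}')
NOTIFY_RE = re.compile(r'Received NOTIFY for (\S+) from (\S+)')
TIMEOUT_RE = re.compile(r'Error resolving SOA or NS for (\S+) at: ([^:\s]+): Timeout')

def parse_masters(conf):
    """Map each configured zone name to the set of its master addresses."""
    zones = {}
    for name, body in ZONE_RE.findall(conf):
        m = MASTERS_RE.search(body)
        zones[name.lower().rstrip(".")] = set(m.group(1).replace(";", " ").split()) if m else set()
    return zones

def audit(lines, zones):
    """Per source address: NOTIFYs outside the (zone, master) allowlist and SOA timeouts."""
    known_masters = set().union(*zones.values())
    report = defaultdict(lambda: {"notifies": 0, "timeouts": 0, "zones": set(), "is_master": False})
    for line in lines:
        n, t = NOTIFY_RE.search(line), TIMEOUT_RE.search(line)
        if n:
            zone, src = n.group(1).lower().rstrip("."), n.group(2)
            if src in zones.get(zone, ()):
                continue  # configured zone notified by its own master: expected
            entry = report[src]
            entry["notifies"] += 1
            entry["zones"].add(zone)
            entry["is_master"] = src in known_masters
        elif t and t.group(2) in report:
            report[t.group(2)]["timeouts"] += 1  # follow-up SOA query to the sender timed out
    return dict(report)

if __name__ == "__main__":
    for src, e in audit(LOG_LINES, parse_masters(BIND_CONF)).items():
        print(src, e["notifies"], e["timeouts"], sorted(e["zones"]), "master" if e["is_master"] else "not a master")
```

Each timeout counted here corresponds to one wait of up to 3s described in the post, so the per-source timeout count gives an upper bound on how long notify processing was stalled by that sender.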
