[Pdns-users] PowerDNS and notifies on bind backend
Peter van Dijk
peter.van.dijk at netherlabs.nl
Mon Nov 25 11:22:25 UTC 2013
Hello Marcin.
On Nov 25, 2013, at 10:46 , Marcin Deranek wrote:
> Recently I came across interesting problem with notifies and bind
> backend. Our setup consist of Bind master and PowerDNS 3.3 slaves.
> PowerDNS slaves are configured with:
>
> slave=yes
> bind-config=/etc/pdns/bind.conf
>
> statements. Zones are defined as:
>
> zone "example.com" IN {
> type slave;
> file "slave/example.com.zone";
> masters { 10.0.0.1; };
> };
>
> The thing is that PowerDNS accepts all notifes and tries to process
> them as they arrive. It accepts notifies for zones it doesn't know
> about (not configured) from any host (not master). In such scenario
> I'm able to send notify for zone foo.com from any host and PowerDNS will
> try to get SOA from the host which sent notify. PowerDNS will wait up
> to 3s and move on to the next notify. Sample log lines:
>
> Nov 22 13:09:31 kvm-01 pdns[12772]: Received NOTIFY for foo.com from 10.146.69.21 for which we are not authoritative
> Nov 22 13:09:35 kvm-01 pdns[12772]: Error resolving SOA or NS for foo.com at: 10.146.69.21: Timeout waiting for answer from 10.146.69.21
>
> My question is: how do I disable such behaviour ? I would like PowerDNS
> accept notifies for zones it knows about (configured using bind-config)
> and only from defined masters.
Right now there is no way to avoid this behaviour (other than removing 'slave=yes', which obviously would be a problem for you).
Please file a feature request at https://github.com/PowerDNS/pdns/issues if you would like to see this behaviour changed.
If you feel this issue is actively hurting your setup, please let us know!
Kind regards,
--
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20131125/6557934f/attachment-0001.sig>
More information about the Pdns-users
mailing list