[Pdns-users] Transfer zone with lower serial from master to slave
ktm at rice.edu
ktm at rice.edu
Wed Apr 23 13:22:51 UTC 2014
On Wed, Apr 23, 2014 at 03:07:00PM +0200, Nowaker wrote:
> Hey,
>
> I work for a company that offers DNS services. Most of the customers
> use standard service, but some customers choose a plan when our
> servers are just slaves. Whenever our customer lowers the serial, we
> have a problem. We get a bug report, we have to investigate what
> happened, and in most cases the reason is the customer lowered the
> serial. Is it possible for slave PowerDNS to *ignore* this, and
> perform the transfer anyway? The ideal solution would be to get the
> zone transfered if their serial (master) doesn't equal ours (slave).
> After all, we are a slave, so we should obey what the master says,
> without trying to question his orders ;)
>
> > The only solution that really makes sense is to change the transfer
> > rules so that slaves always transfer a zone unless it is equal to the
> > master number, which is equivalent to what you propose, minus the
> > arithmetic chicanery.
> > http://marc.info/?l=pdns-dev&m=121812703211141
>
> Has this ever been implemented in PowerDNS? (I mean "transfer a zone
> unless it is equal to the master number", not "Serial Number
> Arithmetic" that is not a case for me) Is there any switch in config
> file for that? Docs doesn't say anything about that but I just want
> to make sure.
>
> >If the SOA serial number there is *higher*, the domain is retrieved and inserted into the database.
> > http://doc.powerdns.com/html/slave.html
>
> However, the docs do say it's possible to define a custom axfrfilter
> method. Can this be used for my case? Does PowerDNS perform serial
> arithmetics and decide whether a transfer is going to be performed,
> or everything depends solely on axfrfilter?
>
> Thanks for your answers.
>
> --
> Kind regards,
> Damian Nowak
> StratusHost
> www.AtlasHost.eu
>
Hi Damian,
I certainly hope this NEVER, EVER is added to any DNS software ever.
This would mean that old, outdated DNS information would be cached. I
think your best bet is to use the lua script option for a zone axfr:
http://doc.powerdns.com/html/slave.html#lua-axfr-script
and ensure that your slaves all send a normal, increasing serial
number at all times. You may need to do some out-of-band monitoring
of their hidden master to identify a serial number change and force
a zone axfr on your end.
Regards,
Ken
More information about the Pdns-users
mailing list