[Pdns-users] New to PowerDNS
ktm at rice.edu
ktm at rice.edu
Thu Jun 26 22:12:44 UTC 2014
On Thu, Jun 26, 2014 at 10:21:06PM +0100, Jorge Bastos wrote:
> > It takes very little time for powerdns to pick up the changes. Adding
> > records is backend specific, but assuming you are using mysql backend
> > (gmysql), you can use the schema at
> >
> > http://doc.powerdns.com/html/generic-mypgsql-backends.html#idp62194400
> >
> > This will also show you how to insert records.
>
> >
> > To enable DNSSEC, first set gmysql-dnssec=yes in configuration, then
> > run
> >
> > pdnssec secure-zone your.zone
> >
> > This will create the necessary DNSSEC information for live signing. You
> > can verify the changes with
> >
> > pdnssec show-zone your.zone
> >
> > this will also show you the DS and DNSKEY records you need for
> > upstream.
>
> Hi Aki,
>
> Confirm, its refreshed a few seconds after i insert the records.
>
> For the DNSSEC part, is there a way to create the DNSSEC information just by SQL ?
>
> If not, the solution is to run "pdnssec secure-zone ZONE" in a loop on a cron script, am I right?
>
Hi Jorge,
I do not know about a SQL only solution for MySQL DNSSEC signing, but I
know that there is a sample schema for Oracle that includes the needed
triggers and functions and that I have a basically complete version of
the same for PostgreSQL that I will be submitting to the PDNS folks once
we have it vetted for production. Maybe you can cobble something together
for MySQL for those as examples. Otherwise 'pdnssec secure-zone your.zone'
is your friend.
Regards,
Ken
More information about the Pdns-users
mailing list