[Pdns-users] Notify being ignored
remi.gacogne at powerdns.com
Thu May 4 07:52:40 UTC 2017
On 05/04/2017 12:10 AM, David Jones wrote:
> I have a PowerDNS server setup as a slave and see this in my logs
> Received NOTIFY for example.com from 126.96.36.199 but remote is not
> permitted by TSIG or allow-notify-from
> I was hoping to not have to maintain a long list of master IPs in the
> allow-notify-from. One would think that the IP being listed in the
> domains.master table would automatically allow NOTIFYs for that
> domain. One would also think that an IP being listed in the
> supermaster.ip table would allow NOTIFYs from that supermaster.
> Am I missing something? Will I need to add something to the
> domainmetadata table to allow NOTIFYs?
'allow-notify-from' defaults to '0.0.0.0/0,::/0', which allows
everything. Of course additional checks are performed afterwards, like
checking if the configuration requires a valid TSIG signature, whether
we are authoritative for the domain, that we are not master for it and
that the notifications comes from a known master or a super-master.
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Pdns-users