[Pdns-users] Some questions regarding Postgres Replication / Native operation

[Fabian]

Hi Klaus,

Thanks for clarification.

I wasn’t aware that every PDNS-Server instance is doing the DNSSEC singing inline and on the fly. 

I guess you’re right, there are minimal writes to PDNS only via nsupdate. 
Is there any way to forward those requests to the writable instance or do I have to specify the right one in the nsupdate dialog?

Best regards,
Fabian

> On 15. Oct 2017, at 21:00, Klaus Darilion <klaus.mailinglists at pernau.at> wrote:
> 
> Am 07.10.2017 um 22:59 schrieb Fabian:
>> Hi,
>> 
>> I have some questions regarding the integration of PostgreSQL replication and PowerDNS operating in native mode.
>> As the replication of Postgres is a master - slave replication the transactions on the slaves are read-only.
>> 
>> - Is there a way to delegate all write operations the the PowerDNS “master” (the one using the PostgreSQL master instance), like "forward-dnsupdate=yes” does for dnsupdates?
> 
> Are there any write operations? In native mode I guess there shouldn'T be any write queries - maybe only for DNSSEC key management.
> 
> Maybe if you do some fancy stuff only against the PowerDNS which uses the Postgres-Master then it should work.
>> - How does the DNSSEC inception works with the native mode? Will the “master” try to re-sign the zone or are all PowerDNS servers trying to re-sign the zone (with failures on the read-only databases)?
> AFAIK PowerDNS does online-signing - hence the signatures are not in the DB. Hence, every node does signing on its own (A PowerDNS server does not know if the Postgresql DB is a replication slave or master).
> 
> What exactly is your problem?
> 
> regards
> Klaus