[Pdns-users] Migration to PowerDNS from Bind 9.7

Asanka Gunasekara asankag at talkup.com.au
Thu Nov 15 01:25:44 UTC 2018


Hi Ian,

Welcome aboard. I'm also new to PDNS and only an expert of few months :)

>From the info you provided everything seems to be good. Someone with higher understanding will chime in if there's something wrong with it :)

Assuming your Auth DNS servers are only serving private internal zones/domains, you can use the following setup to consolidate resources instead of having to run separate instances:
https://doc.powerdns.com/authoritative/guides/recursion.html

What I did was have 1 master and 2x slave (replication via mysql back-end) Auth servers. Master is only accessible via management IP and only used to configure DNS entries. Replication is also handled via management IP addresses for security and is setup as a one-way sync (master->slave). Only slaves are visible others in the organisation.

Both slaves are configured with Auth DNS + Recursor as per the Scenario 1 of the above link.

Hope this helps.
Kind Regards,
Asanka Gunasekara


On 15/11/2018 6:29:58 AM, Ian Easter <ieaster at telvue.com> wrote:
Howdy folks!

As many before me, I have inherited a network infrastructure that is showing its age.  First order is to update the self-hosted DNS servers.  This is new territory for me, so I get the opportunity to learn as I progress in the endeavor.

Right now it is 1 BIND Master and 2 BIND Slaves and they provide DNS for our local office as well as a remote Colo.  They handle the Private Internal Zones we have as well as directing requests for public internet resolution.  At least, I believe that to the best summary of how they're performing.

I have a test environment setup currently and everything looks to be running smoothly.  My question is geared toward verifying if I understood the overall functions correctly and have things configured as it should be (optimally).

I have PDNS Recursor sitting as the front for all of the DNS requests so they may be resolved for public websites/access and I have the `forward-zones` option set to forward all requests to the Authoritative and Slave PDNS Servers for our private internal domains.  So Recursor is getting all requests, private zone/domain requests are forwarded to the Authoritative server and all others are obtained externally.

Is this the proper setup or is there a way that the Authoritative DNS Server would need to be configured to manage requests in this fashion?

Thank you.

_______________________________________________ Pdns-users mailing list Pdns-users at mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20181115/f02f7aa3/attachment.html>


More information about the Pdns-users mailing list