[Pdns-users] Issues with PowerDNS Authoritative Server on CentOS7
Brian Candler
b.candler at pobox.com
Tue Aug 18 18:08:20 UTC 2020
On 18/08/2020 16:05, Fabio Perez wrote:
>
> Hello Brian,
>
> Thanks for getting back to me, but now I’m even more confuse.
>
> I though that If I create an Authoritative DNS sever and add that IP
> on a different VM as a nameserver, the second VM will only receive
> answers from the DNS if the DNS has that record on it’s Database.
>
> And if I add a recursor DNS that means that if the DNS doesn’t have
> the record It will ask over the internet to a different DNS server for
> that.
>
The roles involved in DNS are:
stub resolver --------> recursor ---------> authoritative
The stub resolver is the client library at the client host. It's what
you configure in /etc/resolv.conf [or via DHCP]. You configure the IP
address of the recursor, or perhaps two or three recursors for redundancy.
The stub resolver sends its request to the recursor.
The recursor knows how to find authoritative nameservers on the Internet
which hold the answers required. It does this by following NS records
(delegations).
> If this is not the case, then why do we need Authoritative DNS?
>
The authoritative server contains the data which is published by the
domain owner.
For example, say you send a query for "www.google.com". The answer is
held in the authoritative nameservers for google.com. The recursor sends
the queries to them, on behalf of the client, and caches the result in
case another client asks the same query soon afterwards. (Hence
"recursor" is also known as "caching nameserver")
> What I’m trying to do is:
>
> VM1 running a WHMCS server
>
> VM2 running DirectAdmin
>
I've no idea what WHMCS or DirectAdmin are, but I'm presuming these are
just applications which need to make DNS queries as part of their operation.
> VM3 and VM4 running PowerDNS
>
> So, on the first 2 VMs I added both DNS servers as nameservers.
>
In other words: you configured /etc/resolv.conf (or the RedHat
equivalent in /etc/sysconfig), such that VM1 and VM2 send all their DNS
queries to VM3 and VM4?
In that case, VM3 and VM4 should be running PowerDNS recursor.
You do not need to install PowerDNS Authoritative unless you own a
domain, and you want to publish information about that domain to the
Internet. And then you should run it in a *different* VM.
Although some DNS server software permits the bad practice of running
both recursor and authoritative in the same server instance, PowerDNS
does not let you do this.
Regards,
Brian.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20200818/8d517183/attachment.htm>
More information about the Pdns-users
mailing list