[Pdns-users] Valid masters

Andy Smith andy at strugglers.net
Tue Dec 1 22:23:45 UTC 2020


Hi Daniel,

On Tue, Dec 01, 2020 at 01:36:36PM -0800, Daniel Miller via Pdns-users wrote:
> Is there a way of querying a slave server/zone and obtaining a list of valid
> master IP's - not just reading the config file?

No. The zone data does not record where it came from, unless you put
that information in on purpose.

All of the listed NS records should serve the zone and one or more
of them may allow AXFR from a host that it recognises as a valid
secondary, but you don't know which (if any) of these was the
primary. It could easily be none of them as a hidden primary server
is a very common setup.

The primary server need not even be on the public Internet or
communicate by AXFR, as any method of getting the data to the
secondary servers is valid. e.g. rsync, MySQL replication, smoke
signals, …

Would be a pretty big blow to hidden primary setup if you could find
the primary from querying the DNS.

Cheers,
Andy


More information about the Pdns-users mailing list