[Pdns-users] Valid masters

Daniel Miller dmiller at amfes.com
Tue Dec 1 23:18:27 UTC 2020


On 12/1/2020 2:23 PM, Andy Smith via Pdns-users wrote:
> Hi Daniel,
>
> On Tue, Dec 01, 2020 at 01:36:36PM -0800, Daniel Miller via Pdns-users wrote:
>> Is there a way of querying a slave server/zone and obtaining a list of valid
>> master IP's - not just reading the config file?
> No. The zone data does not record where it came from, unless you put
> that information in on purpose.
>
> All of the listed NS records should serve the zone and one or more
> of them may allow AXFR from a host that it recognises as a valid
> secondary, but you don't know which (if any) of these was the
> primary. It could easily be none of them as a hidden primary server
> is a very common setup.
> nfo/pdns-users

I'm sure the answer is still, "no", but I don't think I expressed my 
question properly. What I'm after is a list of IP's a given pdns slave 
will accept as acceptable NOTIFY masters for a given zone. So, given a 
combination of NS records, configured supermasters, allow-notify-from, 
etc., what are the possible valid IP's?

So when I get a, "pdns_server[xxx]: Received NOTIFY for example.domain 
from 1.2.3.4:13376 which is not a master (Refused)" I could compare that 
to the "valid" list. Since I have "1.2.3.4" listed with an NS, and in 
"allow-notify-from", and configured as a supermaster - and it's still 
not going through - I'm looking for possible answers.

Daniel




More information about the Pdns-users mailing list