[Pdns-users] Running auth server and recursor on the same server, upgrading from 4.0.9
Juraj Lutter
juraj at lutter.sk
Tue Jun 23 18:38:48 UTC 2020
> On 23 Jun 2020, at 20:25, Brian Candler via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
>
> On 23/06/2020 19:07, Yves Goergen via Pdns-users wrote:
>> I have only one server and one IPv4 address, so using a multi-IP setup just isn't possible. With the decreased availability of IPv4 addresses, this isn't realistic either.
>>
> It's not a problem: your recursor can be behind NAT on a private IP address. Only your auth server needs to be accessible from the Internet - and even then, only if you want your domains to be resolvable externally (in which case, please also read RFC2182 and set up at least one secondary on a remote network)
>
>>
>> So how is this supposed to work? Can I still use PowerDNS or will I have to find another solution that has the same features as PowerDNS 4.0.9?
>
> dnsdist is overkill here. For a small home network:
>
> - stick your recursor(s) on a private IP
>
> - stick your authoritative on a public IP (if required to be reachable from outside)
>
> - on your recursor, configure any private non-delegated domains, i.e. those without NS records in the public DNS, to forward those queries to the authoritative server.
>
> For example:
>
> forward-zones-file=/etc/powerdns/forward.zones
>
> and in that file you could put:
>
> int.example.com=192.168.1.53
> 168.192.in-addr.arpa=192.168.1.53
> 10.in-addr.arpa=192.168.1.53
> +.=9.9.9.9
>
While we’re at it: How would one solve the situation where the domains are in, like, SQL?
otis
More information about the Pdns-users
mailing list