[Pdns-users] Running auth server and recursor on the same server, upgrading from 4.0.9

Juraj Lutter juraj at lutter.sk
Tue Jun 23 18:38:48 UTC 2020


> On 23 Jun 2020, at 20:25, Brian Candler via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
> 
> On 23/06/2020 19:07, Yves Goergen via Pdns-users wrote:
>> I have only one server and one IPv4 address, so using a multi-IP setup just isn't possible. With the decreased availability of IPv4 addresses, this isn't realistic either.
>> 
> It's not a problem: your recursor can be behind NAT on a private IP address.  Only your auth server needs to be accessible from the Internet - and even then, only if you want your domains to be resolvable externally (in which case, please also read RFC2182 and set up at least one secondary on a remote network)
> 
>> 
>> So how is this supposed to work? Can I still use PowerDNS or will I have to find another solution that has the same features as PowerDNS 4.0.9? 
> 
> dnsdist is overkill here.  For a small home network:
> 
> - stick your recursor(s) on a private IP
> 
> - stick your authoritative on a public IP (if required to be reachable from outside)
> 
> - on your recursor, configure any private non-delegated domains, i.e. those without NS records in the public DNS, to forward those queries to the authoritative server.
> 
> For example:
> 
> forward-zones-file=/etc/powerdns/forward.zones
> 
> and in that file you could put:
> 
> int.example.com=192.168.1.53
> 168.192.in-addr.arpa=192.168.1.53
> 10.in-addr.arpa=192.168.1.53
> +.=9.9.9.9
> 

While we’re at it: How would one solve the situation where the domains are in, like, SQL?

otis



More information about the Pdns-users mailing list