[Pdns-users] Zone transfer rejected in Powerdns Letsencrypt challenge

Cheikh Dieng tekdieng at gmail.com
Mon Jun 21 07:53:15 UTC 2021


Hi,

My PowerDNS rejects requests for zone transfer.

My PowerDNS domain is "cloud.lfpw.dsna.fr"; it is a subdomain of
"lfpw.dsna.fr" (this parent domain is not a PowerDNS solution).
For the Letsencrypt protocol to generate a certificate, I have to enable zone
transfer in my PowerDNS.

Is my pdns.conf file correct?

local-address = 0.0.0.0, ::
launch = ldap
guardian = yes
ldap-host = ldap://200.17.xx.xx:1389/
ldap-basedn = dc=cloud,dc=lfpw,dc=dsna,dc=fr
ldap-binddn = cn=admin,dc=dsna,dc=fr
ldap-secret = xxxxx
ldap-method = simple
disable-axfr = no
allow-axfr-ips = 127.0.0.0/8,195.xx.xx.xx/32,51.91.xx.xx/32
local-port = 53
cache-ttl = 0

loglevel = 9
logging-facility = 0
api = yes
api-key = xxxxx
master = yes
include-dir = /etc/powerdns/pdns.d


My PowerDNS listens on port 2053.

The AXFR request failed, see below:

[pduser@hyp03 ~]$ dig axfr @0 cloud.lfpw.dsna.fr -p 2053

; <<>> DiG 9.11.26-RedHat-9.11.26-4.el8_4 <<>> axfr @0 cloud.lfpw.dsna.fr -p
2053
; (1 server found)
;; global options: +cmd
; Transfer failed.

Any idea?



Thanks for your help.
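
An added example, not part of the original post: a small check of the AXFR-related settings in a pdns.conf (`disable-axfr`, `allow-axfr-ips`, `local-port`) against the source address and port of one transfer attempt. The function names and the sample configuration are constructed for illustration, with documentation addresses in place of the redacted ones; a file under `include-dir` can override these values, so run it on the effective settings.

```python
import ipaddress

# Constructed sample modelled on the settings in the post; RFC 5737
# documentation addresses replace the redacted ones.
SAMPLE_CONF = """\
local-address = 0.0.0.0, ::
disable-axfr = no
allow-axfr-ips = 127.0.0.0/8,192.0.2.10/32,198.51.100.7/32
local-port = 53
"""


def parse_conf(text):
    """Parse 'key = value' lines into a dict, treating '#' as comment start."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def axfr_networks(settings):
    """Return the allow-axfr-ips entries as ip_network objects."""
    entries = settings.get("allow-axfr-ips", "")
    return [ipaddress.ip_network(e.strip(), strict=False)
            for e in entries.split(",") if e.strip()]


def check_axfr(settings, client_ip, queried_port):
    """Return a list of findings for one AXFR attempt (empty means none)."""
    findings = []
    if settings.get("disable-axfr", "no").lower() == "yes":
        findings.append("disable-axfr is set to yes")
    addr = ipaddress.ip_address(client_ip)
    nets = axfr_networks(settings)
    if not any(addr.version == n.version and addr in n for n in nets):
        findings.append(f"{client_ip} is not covered by allow-axfr-ips")
    for n in nets:
        if n.prefixlen == 0:  # e.g. 0.0.0.0/0 exposes the whole zone
            findings.append(f"{n} opens zone transfers to every client")
    port = int(settings.get("local-port", "53"))
    if port != queried_port:
        findings.append(f"local-port is {port} but port {queried_port} was queried")
    return findings
```
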