[Pdns-users] Configuring dnsdist

Steven Garner stevenjgarner at gmail.com
Sat May 8 18:12:49 UTC 2021


I am getting errors with my configuration of dnsdist.

I want to provide authoritative dns for several hundred public domains, for
which I understand recursion is required, yet (as of version  4.1.0),
PowerDNS Authoritative Server no longer allows recursion.  For recursion, I
understand I need to install PowerDNS Recursor (v 4.5.X) and dnsdist (v
1.6.X) in addition to PowerDNS Authoritative Server (v 4.4.X), following
the migration plan scenario 2 under
https://doc.powerdns.com/authoritative/guides/recursion.html.

Following the above guide, I have installed all 3 applications:

   - systemctl status pdns.service is reporting the PowerDNS Authoritative
   Server is Active: active (running) - as per the guide, I have added to
   pdns.conf with:

   local-address=127.0.0.1
   local-port=5300

   - systemctl status pdns-recursor.service is reporting the PowerDNS
   Recursor is Active: active (running) - as per the guide, I have added to
   recursor.conf:

   local-address=127.0.0.1
   local-port=5301


   - systemctl status dnsdist.service is reporting dnsdist is Active:
   activating (auto-restart) (Result: exit-code) ... --check-config
   (code=exited, status=1/FAILURE) - as per the guide, I have created
   dnsdist.conf

   setLocal('IPADDRESS:PORT')
   addLocal('ANOTHERIPADDRESS:PORT')
   setACL({'0.0.0.0/0', '::/0'}) -- Allow all IPs access

   newServer({address='127.0.0.1:5300', pool='auth'})
   newServer({address='127.0.0.1:5301', pool='recursor'})

   recursive_ips = newNMG()
   recursive_ips:addMask('NETWORKMASK1') -- These network masks are the ones from allow-recursion in the Authoritative Server
   recursive_ips:addMask('NETWORKMASK2')

   addAction(NetmaskGroupRule(recursive_ips), PoolAction('recursor'))
   addAction(AllRule(), PoolAction('auth'))

These are installed on an Ubuntu 20.04 server with private IP address
192.168.1.2 inside a router with TCP/UDP port 53 forwarded to 192.168.1.2
from the external public IP address 207.177.51.156 (ns2.opensourceserver.io).
So in the above config, I replaced IPADDRESS:PORT with 192.168.1.2:53 and
deleted the 2nd line "addLocal('ANOTHERIPADDRESS:PORT')".

I do not understand with what I should replace the NMG,  NETWORKMASK1,
NETWORKMASK2,  and the remaining config (or if I should just delete it if I
have no network masks)?

When I dig opensourceserver.io @ns2.opensourceserver.io, I either get
"connection timed out; no servers could be reached" or "status: SERVFAIL"
from different Internet locations.

I have also consulted the documentation at https://dnsdist.org/, without
any real edification.  Is there any good (comprehensive) tutorial on PDNS -
the only things I can find on Google are tutorials like
https://kifarunix.com/easily-install-and-setup-powerdns-on-ubuntu-20-04/,
which are completely out of date.

Any help would be appreciated.


Steve Garner
+1 302 364 0325 (USA)
stevenjgarner at gmail.com
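
An added example, not part of the original post or of the PowerDNS guide: a simplified Python model of how the two addAction() lines in the dnsdist.conf above pick a pool from the client's source address, including the case where the netmask group is left empty. The masks and client addresses are constructed sample values, the function names are hypothetical, and first-match evaluation in the order the rules were added is an assumption of the model.

```python
import ipaddress

# Simplified model (assumption): rules are tried in the order they were added
# and the first matching PoolAction decides which backend pool gets the query.

class NetmaskGroup:
    """Stand-in for dnsdist's newNMG(): networks matched against the source IP."""
    def __init__(self, masks=()):
        self.nets = [ipaddress.ip_network(m, strict=False) for m in masks]

    def match(self, addr):
        ip = ipaddress.ip_address(addr)
        return any(ip.version == n.version and ip in n for n in self.nets)


def build_rules(recursive_masks):
    """Mirror the two addAction() lines of the config, in the same order."""
    nmg = NetmaskGroup(recursive_masks)
    return [(nmg.match, "recursor"),          # NetmaskGroupRule(recursive_ips)
            (lambda addr: True, "auth")]      # AllRule()


def select_pool(rules, client_addr):
    for matches, pool in rules:
        if matches(client_addr):
            return pool
    return None


def open_resolver_masks(recursive_masks):
    """Return masks that would offer recursion to every address."""
    return [m for m in recursive_masks
            if ipaddress.ip_network(m, strict=False).prefixlen == 0]


if __name__ == "__main__":
    masks = ["192.168.1.0/24", "fd00::/8"]   # constructed sample values
    rules = build_rules(masks)
    for client in ["192.168.1.50", "fd00::53", "198.51.100.7"]:
        print(client, "->", select_pool(rules, client))
    # With no masks at all, every client falls through to the 'auth' pool.
    print(select_pool(build_rules([]), "192.168.1.50"))
    print(open_resolver_masks(masks + ["0.0.0.0/0"]))
```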