[Pdns-users] How to config pdns to send notification to address not in "IN NS" record.

Bino Oetomo wowon01 at gmail.com
Tue Mar 12 10:41:16 UTC 2024


Dear all,

I have a cPanel box with PowerDNS as its DNS server. Its IP address is
192.168.1.101.

Here is its configuration:

```
[root@cpaneldev ~]# more /etc/pdns/pdns.conf
bind-ignore-broken-records=yes
setuid=named
setgid=named
launch=bind
bind-config=/etc/named.conf
bind-dnssec-db=/var/cpanel/pdns/dnssec.db
local-address-nonexist-fail=no
distributor-threads=1
disable-axfr=no
allow-axfr-ips=192.168.8.79,192.168.8.78
also-notify=192.168.8.79,192.168.8.78
webserver=yes
api=yes
webserver-address=127.0.0.1
webserver-allow-from=127.0.0.1,::1
webserver-password=_DELETED_
webserver-port=953
api-key=_DELETED_
upgrade-unknown-types=1
```

I have some domains hosted on it, created via its cPanel web UI.
The generated BIND zone definition:
```
zone "domain0.bino" {
type master;
file "/var/named/domain0.bino.db";
};

```
And this is a snippet of the cPanel-generated BIND zone db file:

```
; cPanel first:116.0.14 (update_time):1710237028 Cpanel::ZoneFile::VERSION:1.3 hostname:cpaneldev.binobox.net latest:116.0.14
; Zone file for domain0.bino
$TTL 14400
domain0.bino. 86400 IN SOA ns1.cpaneldev.binobox.net. emailserver.binobox.net. 2024031217 3600 1800 1209600 86400
domain0.bino. 86400 IN NS ns1.cpaneldev.binobox.net.
domain0.bino. 86400 IN NS ns2.cpaneldev.binobox.net.
```
Yes, 192.168.8.78 and 192.168.79 are not in its "IN NS" records.

Note that 192.168.8.78 and 192.168.8.79 are just standard BIND9 servers.

Here is the BIND9 config of 192.168.8.79:
```
root@risetdns02:~# more /etc/bind/named.conf.options

options {
          directory "/var/cache/bind";
          query-source address 192.168.8.79;
          notify-source 192.168.8.79;
          transfer-source 192.168.8.79;
          port 53;
          allow-new-zones yes;
          listen-on { 192.168.8.79; 127.0.0.1; };
          listen-on-v6 { none; };
          notify explicit;
          recursion no;
          allow-transfer { any; };
          allow-notify {192.168.1.101;};
};

zone "domain0.bino" {
type secondary;
file "/var/named/domain0.bino.db";
primaries {103.30.144.60;};
};

```

The initial zone transfer by 192.168.8.78 and 192.168.8.79 works fine.

```
root@risetdns02:~# dig +short @192.168.8.79 domain0.bino soa
ns1.cpaneldev.binobox.net. emailserver.binobox.net. 2024031214 3600 1800 1209600 86400
```

I did some record editing.
When I check the SOA at the PowerDNS server, I get:
```
[root@cpaneldev ~]# dig +short @192.168.1.101 domain0.bino soa
ns1.cpaneldev.binobox.net. emailserver.binobox.net. 2024031217 3600 1800 1209600 86400
```

But when I recheck 192.168.8.79, I still get the old SOA serial.
I checked the log file of that server, and can't find any indication that it
received any notification from PowerDNS (192.168.1.101).

I also ran 'journalctl -f' on the PowerDNS box while editing records ... there is
no indication that it sends any notification.

Kindly tell me how to check, or what to do, to tell this PowerDNS to notify all
record changes to the servers listed in "also-notify" even if the server IP
address is not in the "IN NS" records of that domain.

Sincerely,
-bino-
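
An added example (not part of the original post, and not PowerDNS or cPanel code): an offline check of the settings that govern outbound NOTIFY and AXFR in the posted pdns.conf, plus the SOA serial comparison done by hand above. It assumes, per the PowerDNS documentation, that NOTIFY is only sent when primary mode is enabled (`primary`, formerly `master`, off by default) and that an unset `allow-axfr-ips` covers loopback only; the function names and finding labels are made up here, and bracketed IPv6 targets with a port are not handled.

```python
import ipaddress

# Constructed sample: the NOTIFY/AXFR-related lines of the pdns.conf quoted in the post.
SAMPLE_CONF = """\
launch=bind
disable-axfr=no
allow-axfr-ips=192.168.8.79,192.168.8.78
also-notify=192.168.8.79,192.168.8.78
"""

def parse_conf(text):
    """Return key/value settings from pdns.conf text, skipping comments and blanks."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def _items(value):
    return [v.strip() for v in value.split(",") if v.strip()]

def notify_findings(settings):
    """List reasons why also-notify targets may never be notified or served."""
    findings = []
    # Assumption: primary mode defaults to off; "master" is the pre-4.5 name.
    mode = settings.get("primary", settings.get("master", "no")).lower()
    if mode in ("no", "off"):
        findings.append("primary-mode-off")
    targets = _items(settings.get("also-notify", ""))
    if not targets:
        findings.append("also-notify-empty")
    # Assumption: an unset allow-axfr-ips means loopback only.
    acl = [ipaddress.ip_network(n, strict=False)
           for n in _items(settings.get("allow-axfr-ips", "127.0.0.0/8,::1"))]
    for target in targets:
        host = target.split(":")[0] if target.count(":") == 1 else target  # drop IPv4 :port
        if not any(ipaddress.ip_address(host) in net for net in acl):
            findings.append("axfr-denied:" + host)
    if any(net.prefixlen == 0 for net in acl):
        findings.append("axfr-open-to-any")  # anyone could pull the whole zone
    return findings

def secondary_is_stale(primary_soa, secondary_soa):
    """Compare serials (3rd field of `dig +short ... soa`) with RFC 1982 arithmetic."""
    p, s = (int(o.split()[2]) for o in (primary_soa, secondary_soa))
    return 0 < (p - s) % 2**32 < 2**31
```

Feed `parse_conf` the real file contents and `secondary_is_stale` the two `dig +short ... soa` outputs; an empty findings list with a stale secondary points away from these settings and toward the network path or the secondary's `allow-notify`/`primaries` entries.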