[Pdns-users] Problem with 'allow-axfr-ips'

Michel Otte michel at cybox.nl
Wed Mar 20 07:22:29 UTC 2024 

Hi Bino,

The message "not authoritative" means pdns thinks it is not authoritative
(i.e. primary/secondary) for the zone domain0.bino.

According to the BIND backend `bind-config` directive, it supports the
`type` parameter in the `zone` section. See also:
https://doc.powerdns.com/authoritative/backends/bind.html#bind-config This
leads me to believe `type` is not set to either `master` or `slave`.

You could check with `pdnsutil show-zone domain0.bino` to see what pdns has
picked up this zone and / or what it thinks the type is.

With kind regards,
Michel Otte

Op wo 20 mrt 2024 om 05:10 schreef Bino Oetomo via Pdns-users <
pdns-users at mailman.powerdns.com>:

> dear all
>
> I have a powerdns installation with this config :
>
> ```
> bind-ignore-broken-records=yes
> setuid=named
> setgid=named
> launch=bind
> bind-config=/etc/bind-for-pdns
> bind-dnssec-db=/var/cpanel/pdns/dnssec.db
> local-address-nonexist-fail=no
> distributor-threads=1
> disable-axfr=no
> also-notify=192.168.1.123:5300, 192.168.8.79:53
> allow-axfr-ips=127.0.0.0/8,::1, 192.168.1.123, 192.168.8.79
> webserver=yes
> api=yes
> webserver-address=127.0.0.1
> webserver-allow-from=127.0.0.1,::1
> webserver-password=SECRET
> webserver-port=953
> api-key=SECRET
> upgrade-unknown-types=1
> master=yes
>
> ```
>
> but when I try  "dig AXFR domain0.bino @127.0.0.1", from jornalctl I got
>
> ```
>
> Mar 20 10:56:39 my-server pdns_server[102277]: AXFR-out zone
> 'domain0.bino', client '127.0.0.1', transfer initiated
> Mar 20 10:56:39 my-server pdns_server[102277]: AXFR-out zone
> 'domain0.bino', client '127.0.0.1', failed: not authoritative
>
> ```
>
> Kindly please tell me what to check/do to fix this problem
>
> -bino-
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20240320/6c3b5457/attachment.htm>

More information about the Pdns-users mailing list