[Pdns-users] Notify from master is not accepted
Roland Giesler
roland at giesler.za.net
Tue Oct 8 15:25:29 UTC 2024
On 2024/10/08 07:43, Otto Moerbeek wrote:
>> What should I do to allow the changes onto PowerDNS?
> allow-notify-from only works on the network, by default a secondary
> zone still only allows notifies from IPs mentioned as primary (i.e.
> listed in the list of IPs when doing
>
> pdnsutil create-secondary-zone zone primary...
If have tested now that if I simply recreate the zone from the GUI and I
specify both addresses (the LAN and public ip) of the master, then the
notify is accepted!
> So the question is: is 192.168.131.102 listed as a primary? On the
> secondary use:
>
> pdnsutil show-zone fast.za.net
It is now:
# pdnsutil show-zone fast.za.net
Oct 08 17:11:50 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0
removed
This zone is owned by gts
This is a Slave zone
Primaries: 197.214.119.180:53 192.168.131.102:53
> The Primaries list will be in the second line.
>
> If it is not listed you might want to add it, using pdnsutil
> change-secondary-zone-primary, or alternatevily use TSIG signed
> notifies or list the notify source as a
> https://docs.powerdns.com/authoritative/settings.html#trusted-notification-proxy
I have listed all my primaries (Mail-in-a-box) servers as trusted
proxies, so let's see if that is sufficient.
Roland
>
> -Otto
More information about the Pdns-users
mailing list