Hi. On Fri, Mar 09, 2018 at 06:25:24PM +0100, Jacques Rodary wrote: > > On Fri, Mar 09, 2018 at 03:34:27AM +0100, Jacques Rodary wrote: > > > > > ;; AUTHORITY SECTION: > > > rodary.net. 600 IN NS . > > > rodary.net. 600 IN NS ns6.gandi.net. > Here is my new dnsmasq.conf: > no-dhcp-interface=enp2s0 > auth-server=ns.rodary.net,88.170.1.143 > auth-zone=rodary.net > auth-soa=2018022800,root.ns.rodary.net,10800,3600,10800 > auth-sec-servers=ns6.gandi.net > dhcp-range=10.42.0.20,10.42.0.200,infinite > I added the auth-server line, and "dig in soa rodary.net" gives: > ;; ANSWER SECTION: > rodary.net. 600 IN SOA ns.rodary.net. > root.ns.rodary.net. 2018022801 10800 3600 10800 600 > ;; AUTHORITY SECTION: > rodary.net. 600 IN NS ns.rodary.net. > rodary.net. 600 IN NS ns6.gandi.net. > ;; Query time: 0 msec > ;; SERVER: 88.170.1.143#53(88.170.1.143) > which means ns.rodary.net is SOA of my zone and ns6.gandi.net is slave > server. Without master server the root zone "." servers were authoritative > for my zone (as they are for all zones). > > > Hate to break it to you, but it seems to fail for everyone else. > > > Today "dig in soa rodary.net" gives me SERVFAIL. > Tell me please if it works now.
Yup, all lights are green: ; <<>> DiG 9.10.3-P4-Debian <<>> in soa rodary.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31015 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;rodary.net. IN SOA ;; ANSWER SECTION: rodary.net. 599 IN SOA ns.rodary.net. root.ns.rodary.net. 2018022801 10800 3600 10800 600 Save this config elsewhere just in case. A backup never hurts. > > > I don't understand quite well how NetworkManager works. > > I don't understand it either, but frankly I don't need to. IP adresses, > > routing table and packet flow are the state of the kernel. Using > > always-running userland tool for their configuration *may* be > > appropriate in certain cases (DHCP, anyone?), but for your typical > > server environment such cases do not apply. > > That said, for your typical server environment nothing beats ifupdown. > > So my advice is - if you need a predictable behaviour - you exterminate > > NetworkManager, connman and other fancy toys, and stick to the ifupdown, > > or maybe systemd-networkd. > I may do that soon. Thanks for your precious help. You're welcome. Reco
