Hi fooks, I've something strange: When I don't use dnsdist on my master dns, axfr to my slave works. When I place dnsdist in front of the master dns I get and AXFR error. The exact error is, when running a pdns_control retrieve example.com (replaced the actual domainname with example.com:
pdns_server: Starting AXFR of 'example.com' from remote 192.168.1.1:53 pdns_server: Unable to AXFR zone 'example.com' from remote '192.168.1.1' (resolver): AXFR chunk error: Server Failure I've read https://dnsdist.org/advanced/axfr.html and next dnsdist config file on the master (192.168.1.1), slave is on 192.168.1.2: setLocal('192.168.1.1') addLocal('127.0.0.1:53') setACL({'0.0.0.0/0', '::/0'}) -- Allow all IPs access newServer({address='127.0.0.1:5300', pool='auth'}) newServer({address='127.0.0.1:54', pool='recursor'}) newServer({address='192.168.1.1', name='master', pool={'master'}}) recursive_ips = newNMG() recursive_ips:addMask('192.168.1.2/32') recursive_ips:addMask('127.0.0.1/32') recursive_ips:addMask('192.168.1.3/32') addAction(NetmaskGroupRule(recursive_ips), PoolAction('recursor')) addAction(AllRule(), PoolAction('auth')) addAction(OrRule({QTypeRule(dnsdist.SOA), QTypeRule(dnsdist.AXFR), QTypeRule(dnsdist.IXFR)}), PoolAction('master')) addAction(AndRule({OrRule({QTypeRule(dnsdist.AXFR), QTypeRule(dnsdist.IXFR)}), NotRule(makeRule('192.168.1.1/32'))}), RCodeAction(dnsdist.REFUSED)) setECSOverride(true) setECSSourcePrefixV4(32) setECSSourcePrefixV6(128) Using: Master: CentOS 7.6 running: pdns-4.0.7-1, pdns-backend-mysql-4.0.7-1, pdns-recursor-4.1.12-1 and dnsdist-1.3.3-1 Slave: CentOS 7.6 running: pdns-4.1.8-1, pdns-backend-mysql-4.1.8-1, pdns-recursor-4.1.9-1 and dnsdist-1.3.3-1 Someone suggestions? I also tried updating pdns-server and pdns-recursor to 4.1x but that doesn't make any difference.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
