On 2019-05-28 22:04, Walter Parker wrote:
On Tue, May 28, 2019 at 5:54 PM Chris <p...@cbserviceslondon.com>
wrote:
On 2019-05-28 15:23, bert hubert wrote:
On Tue, May 28, 2019 at 03:06:33PM -0400, Chris wrote:
This DNS server has been running on Debian 7 Wheezy for years
without
issue.
Debian 7.11 packaged PowerDNS 2.9.22.
Since 2.9.22 PowerDNS has changed a lot. Run pdnsutil check-zone
on
your
zones. You are likely missing SOA records, or have defective ones,
which
makes modern PowerDNS conclude the whole zone isn't there, leading
to a
'Refused'.
Good luck!
Bert
Hmmm. You're right. I get:
[error] No SOA record present, or active, in zone 'remote.local'.
I have an SOA record, but I obviously have something wrong with it.
I'm using the PowerAdmin web interface, and in the hostmaster email
address it's replacing the @ with a .
Could that have something to do with it?
Chris
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Another thing to be aware of, if you move to version 4.1 or later,
recursion was removed from PowerDNS. You will have to a separate
server application to make non authoritative (recursive) DNS requests
at that point.
Walter
--
The greatest dangers to liberty lurk in insidious encroachment by men
of zeal, well-meaning but without understanding. -- Justice Louis D.
Brandeis
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
I got it working!
I did some Googling, looking for the proper syntax for a PowerDNS SOA
record, and in the process stumbled across the:
pdnsutil create-zone
command.
I figured since this zone had been made with PowerAdmin at some distant
point in the past, that probably the easiest way to fix it was to just
delete it and recreate it with the proper command.
This won't work for everyone, at least without a lot of work, but since
the script that updates my DNS from the OpenVPN status file also creates
DNS entries for anything that doesn't currently exist, all my host
records would be recreated simply by running the script.
So, I deleted it, recreated it, then went into the database and changed
the domain id to match what it used to be (the script is dependent on
the id), including the SOA and NS records that were during creation.
Ran the script, ran a host query, and got results!
Awesome!
I then tried to manually fix a second domain running on the same server
for similar purposes, by updating the SOA to match the one that now
worked.
pdnsutil check-zone
then told me I had no NS record, which was correct; I didn't.
Adding an NS didn't fix it, though. For this one, I was always getting
NXDOMAIN results, even for hosts I _knew_ were in the database, because
I was looking at them.
I think it's safe to say that more recent versions of PowerDNS are
_very_ picky about zone record configuration.
Deleting and recreating this zone in the same way also fixed it, though,
so all is up and running properly now.
Thanks for the assistance.
Chris
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
