They're multiple technical reasons for not running PowerDNS on most of
the slave
servers.
Besides, each server typically runs only one DNS authoritative server
implementation,
just not the same. And the list of zones to slave is short enough to be
loaded from a
script-generated config.
There's also the security aspect of not sharing the ZSK key with the
slaves, feeding
them only a presigned zone or zone delta (once IXFR is actually
implemented).
PowerDNS documentation for slaving presigned zones indicate a somewhat
incomplete implementation (ignores master's choice of NSEC3 records), making
other DNS implementations preferable for slaves.
On 26/09/2019 08:13, Thomas Mieslinger wrote:
Depending on the setting of records ttl, max-cache size, packet-cache
size pdns will do a select of the name in the underlying database.
Setting caching and ttl to reasonable low values will force pdns to do
selects in the database.
To me it is a lot easier to monitor the mysql "seconds behind master"
metric to be sure that all pdns have the latest data instead of having
to monitor the zone serial of many zones on many servers.
Is there a technical or organizational reason to run different DNS
Server Softwares in your setup? Usually you need more FTE if you are
running bind, knot, nsd, powerdns in parallel instead of using only one
software.
On 9/25/19 10:28 PM, jb-wisemo via Pdns-users wrote:
Most of the slaves are not running powerdns. So can't use database
replication to the slaves.
And even if they did run powerdns, they would still need a way to
tell pdns_server that the database hasbeen updated by replication.
On 24/09/2019 19:28, Satya Sharma wrote:
Use SQL replication on all the Slave servers. Making SQL replication
will add speed.
On Tue, 24 Sep 2019 00:31:30 +0200 <jb-power...@wisemo.com
<mailto:jb-power...@wisemo.com>> wrote:
Date: Tue, 24 Sep 2019 00:31:30 +0200
From: jb-wisemo <jb-power...@wisemo.com
<mailto:jb-power...@wisemo.com>>
To: pdns-users@mailman.powerdns.com
<mailto:pdns-users@mailman.powerdns.com>
Subject: [Pdns-users] How should my backend tell pdns that
pdns_server
that it has changed the zone
Message-ID: <cabf1a44-17f8-95e6-ef86-881c0520f...@wisemo.com
<mailto:cabf1a44-17f8-95e6-ef86-881c0520f...@wisemo.com>>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi,
I am creating a custom master-mode backend for a special use. But
some
questions are left open or vague by the documentation, here is the
first
one:
How shall I tell pdns_server that I have changed my zone and
increased
the zone serial in the database?
Idea is to trigger notify and replication to ordinary slaves as
quickly
as possible, being able to tell code elsewhere that the changes
should
now be available in the global DNS (doing my own TTL calculations).
Zone may be unsigned or NSEC3-wide, as NSEC3-narrow doesn't seem to
support replication to slaves that don't have the ZSK private key.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
