Adding powerdns mailing list.
On Fri, Oct 16, 2020 at 3:25 PM Satish Patel <satish....@gmail.com> wrote: > > Thanks for reply, I do have whitelisted slave IP (whole subnet > 10.64.0.0/21) and I am not using TSIG at this point because its > internal DNS (not looking for any security at this point) > > My master config: > > setuid=pdns > setgid=pdns > launch=bind > allow-axfr-ips=10.64.0.0/21 > allow-dnsupdate-from=127.0.0.0/8,10.64.0.0/21,::1 > also-notify=10.64.0.11:5300 > only-notify= > api=yes > api-key=XXXXXXXXXXXXXXXX > disable-axfr=no > dnsupdate=yes > local-port=5300 > log-dns-details=yes > log-dns-queries=yes > master=yes > webserver=no > launch=gmysql > gmysql-host=localhost > gmysql-user=pdns-admin > gmysql-password=XXXXXXX > gmysql-dbname=pdns > > My Slave config: > > setuid=pdns > setgid=pdns > launch=bind > allow-notify-from=10.64.0.10/32 > allow-dnsupdate-from=10.64.0.10/32 > api=no > disable-axfr=no > dnsupdate=yes > local-port=5300 > log-dns-details=yes > log-dns-queries=yes > loglevel=999 > master=no > slave=yes > superslave=yes > slave-cycle-interval=60 > webserver=no > launch=gmysql > gmysql-host=localhost > gmysql-user=pdns-admin > gmysql-password=XXXXXXXXXX > gmysql-dbname=pdns > > MySQL supermaster > > MariaDB [pdns]> select * from supermasters; > +------------+--------------------------------+---------+ > | ip | nameserver | account | > +------------+--------------------------------+---------+ > | 10.64.0.10 | ns2.foo.example.net | admin | > +------------+--------------------------------+---------+ > > On Fri, Oct 16, 2020 at 2:54 PM Michael Rommel <rom...@layer-7.net> wrote: > > > > Hi, > > > > you could look at the config whether you have whitelisted the ip of the > > slave on the master for zone transfers (AXFR). > > > > Secondly, if you have configured, that only signed transfers are allowed, > > look whether the correct TSIG keys are configured on master and slave. > > > > HTH, > > > > Michael. > > > > -- > > Michael Rommel, Erlangen, Germany > > > > > On 16. Oct 2020, at 20:36, Satish Patel via Pdns-users > > > <pdns-users@mailman.powerdns.com> wrote: > > > > > > Folks, > > > > > > I have installed fresh PowerDNS version pdns-4.3.1-1 on centOS8 and > > > setup master-slave for replication. when i added a new zone on master > > > i got the following error on slave server logs, any idea what is > > > wrong? > > > > > > I did add a supermaster entry and SOA NS record etc so i can confirm > > > they are good and correct. > > > > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: 1 slave > > > domain needs checking, 0 queued for AXFR > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Received > > > serial number updates for 1 zone, had 0 timeouts > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Domain > > > 'foo.example.net' is empty, master serial 2020101603 > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Initiating > > > transfer of 'foo.example.net' from remote '10.64.0.10' > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Starting > > > AXFR of 'foo.example.net' from remote 10.64.0.10 > > > Oct 16 14:01:23 pdns-2.foo.example.net pdns_server[27983]: Unable to > > > AXFR zone 'foo.example.net' from remote '10.64.0.10' (resolver): AXFR > > > chunk error: Server Failure (This was the first time. Excluding zone > > > from slave-checks until 1602871343) > > > _______________________________________________ > > > Pdns-users mailing list > > > Pdns-users@mailman.powerdns.com > > > https://mailman.powerdns.com/mailman/listinfo/pdns-users > > _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
