I'm running from PostgresDB. Using the pdnsutil command, I did set the metadata.Here are the results from pdnsutil.
pdnsutil get-meta chaosdynamics.com Metadata for 'chaosdynamics.com' ALLOW-DNSUPDATE-FROM = 66.113.99.176/28, 127.0.0.1/8 NOTIFY-DNSUPDATE = 1 SOA-EDIT-API = DEFAULT TSIG-ALLOW-DNS-UPDATE = cdkey I'll try the zone-cache settings. Walter 1 On Sun, Jun 26, 2022 at 1:17 PM Gert van Dijk via Pdns-users < pdns-users@mailman.powerdns.com> wrote: > Hi Walter, > > I believe you may be missing the 'NOTIFY-DNSUPDATE' domain meta setting. > [1] > Note that 'dnsupdate' is a different and global setting; whether or not > to enable the support for dynamic updates overall on the instance. [2] > > What is the backend that you use for the dynamic zone? > In my case I have a small scale setup using SQLite on a hidden master > and I used these queries (taken from notes years ago) to enable notify > updates to secondary servers (running a possibly different backend). > > $ sqlite3 /path/to/my/sqlite3.db > sqlite> update domains set type='MASTER' where name='dyn.zone.tld'; > sqlite> insert into domainmetadata(domain_id, kind, content) > values((select id from domains where name='dyn.zone.tld'), > 'SOA-EDIT-DNSUPDATE', 'SOA-EDIT-INCREASE'); > sqlite> insert into domainmetadata(domain_id, kind, content) > values((select id from domains where name='dyn.zone.tld'), > 'NOTIFY-DNSUPDATE','1'); > > Likely unrelated, but just wanted to note the following. I ran into zone > caching issues on the secondaries side ever since upgrading to 4.5 and > still happening for me on 4.6, complaining about the domain SOA being > out of date. Still have to investigate that further and perhaps file an > issue, but my current workaround for that is setting this on the primary > server: > > zone-cache-refresh-interval=0 > zone-metadata-cache-ttl=0 > > ... which is fine for a small scale setup like mine. You may not run > into the same issue, though. :-) > > HTH > > Gert > > [1]: > https://doc.powerdns.com/authoritative/dnsupdate.html#notify-dnsupdate > [2]: https://doc.powerdns.com/authoritative/dnsupdate.html#dnsupdate > > On 6/26/22 19:44, Walter Parker via Pdns-users wrote: > > Hi, > > > > I have a PowerDNS server with Dynamic Updates (RFC2136 enabled) and it > > is not pushing the updates to the secondaries. > > > > I have allow-axfr-ips set to allow the IP addresses of the secondaries > > and also-notify set to IP addresses of the notification servers. > > > > I have allow-dnsudpates-from set to the IP subnet where the request is > > coming from. I have dnsupdate set to true. > > > > When I run acme.sh, I see the update request come in (UPDATE (18591) > > from 66.113.99.184 for chaosdynamics.com <http://chaosdynamics.com>: > > TSIG is provided, but domain is not secured with TSIG. Processing > continues > > ) but I don't see the notification queue message or the AXFR messages. > > > > When I run a notify manually, I see them (logs below). > > What did I miss to get dynamic DNS updates to be transferred to the > > secondary servers? > > > > Jun 26 10:39:02 natasha pdns[65543]: Notification request for domain > > 'chaosdynamics.com <http://chaosdynamics.com>' received from operator > > Jun 26 10:39:02 natasha pdns[65543]: Queued notification of domain > > 'chaosdynamics.com <http://chaosdynamics.com>' to 208.80.126.13:53 > > <http://208.80.126.13:53> > > Jun 26 10:39:02 natasha pdns[65543]: Queued notification of domain > > 'chaosdynamics.com <http://chaosdynamics.com>' to 208.94.148.13:53 > > <http://208.94.148.13:53> > > Jun 26 10:39:03 natasha pdns[65543]: IXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' initiated by 208.94.150.198:61335 > > <http://208.94.150.198:61335> with serial 2022062505 > > Jun 26 10:39:03 natasha pdns[65543]: AXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' allowed: client IP 208.94.150.198:61335 > > <http://208.94.150.198:61335> is in allow-axfr-ips > > Jun 26 10:39:03 natasha pdns[65543]: IXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' initiated by 208.94.147.135:48779 > > <http://208.94.147.135:48779> with serial 2022062505 > > Jun 26 10:39:03 natasha pdns[65543]: AXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' allowed: client IP 208.94.147.135:48779 > > <http://208.94.147.135:48779> is in allow-axfr-ips > > Jun 26 10:39:03 natasha pdns[65543]: IXFR fallback to AXFR for domain > > 'chaosdynamics.com <http://chaosdynamics.com>' our serial 2022062606 > > Jun 26 10:39:03 natasha pdns[65543]: AXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' initiated by 208.94.150.198:61335 > > <http://208.94.150.198:61335> > > Jun 26 10:39:03 natasha pdns[65543]: AXFR of domain 'chaosdynamics.com > > <http://chaosdynamics.com>' allowed: client IP 208.94.150.198:61335 > > <http://208.94.150.198:61335> is in allow-axfr-ips > > > > -- > > The greatest dangers to liberty lurk in insidious encroachment by men of > > zeal, well-meaning but without understanding. -- Justice Louis > D. Brandeis > > > > _______________________________________________ > > Pdns-users mailing list > > Pdns-users@mailman.powerdns.com > > https://mailman.powerdns.com/mailman/listinfo/pdns-users > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users > -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
