I am having problems setting up RPZ under PowerDNS Recursor. Here is my setup:

PowerDNS Recursor 4.7.1
CentOS 7.9
2 servers, primary and secondary.

On the primary server I have the following setup:

recursor.conf includes this line:

    lua-config-file=/etc/pdns-recursor/recursorconf.lua

recursorconf.lua has:

    rpzFile("/etc/pdns-recursor/dynatronsoftware.rpz", {})

dynatronsoftware.rpz has:

    $TTL 2h;
    $ORIGIN domain.dynatronsoftware.com
    @ SOA powerdns.dynatronsoftware.com. hostmaster.dynatronsoftware.com ( 1 12h 15m 3w 2h)
      NS ns1.dynatronsoftware.com.
    ; begin RPZ RR definitions
    test.dynatronsoftware.com A 192.168.2.5
    dev-forecast.dynatronsoftware.com A 192.168.2.5

The primary works fine. The issue I am having is getting the secondary to work. On this server I have the following setup:

recursor.conf contains:

    lua-config-file=/etc/pdns-recursor/recursorconf.lua

recursorconf.lua has:

    rpzPrimary("10.20.6.27", "dynatronsoftware.rpz")

The logs on the second server show this:

    Aug 1 13:34:02 tst-dyn-dns2 pdns-recursor: msg="Loading RPZ from nameserver" subsystem="rpz" level=1 prio=6 ts="1659378842.989" primary="10.20.6.27" zone="dynatronsoftware.rpz"
    Aug 1 13:34:02 tst-dyn-dns2 pdns-recursor: msg="Unable to load RPZ zone, will retry" subsystem="rpz" level=1 prio=4 ts="1659378842.990" exception="AXFR chunk error: Server Failure" from="10.20.6.27" refresh="10" zone="dynatronsoftware.rpz"

I am not seeing any logs at the same time on the secondary server.

What am I missing in my setup here? Do I need to do something on the primary to allow transfers from the secondary?

Thanks,

Luke Miller
Infrastructure Manager
O: 972-913-6388
Corporate Office
2703 Telecom Pkwy, Suite 140A
Richardson, TX 75082
lmil...@dynatronsoftware.com | www.dynatronsoftware.com