Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-24 Thread Rune Sørensen
Thank you, Brian I'm not too worried about PowerDNS and Cloudflare not being in sync, as the only records we care about in Cloudflare are short lived _acme-challenge TXT records, and we have a process running that make sure those stay synced :) Also thank you to David, for poiting me to the guide

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-23 Thread Brian Candler
On 23/07/2017 08:23, Rune Sørensen wrote: It might be a strange setup, but we are trying to have a PowerDNS server that acts as the authoritative name server for flcn.io for clients on our network, while Cloudflare DNS acts as the authoritative DNS for everyone else. The reco

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-23 Thread Rune Sørensen
It might be a strange setup, but we are trying to have a PowerDNS server that acts as the authoritative name server for flcn.io for clients on our network, while Cloudflare DNS acts as the authoritative DNS for everyone else. We do this, to try to not expose private IPs in public DNS records, but w

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Brian Candler
On 21/07/2017 18:07, Rune Sørensen wrote: I'm running pdns-server, as you guessed. I only enabled recursion, because nslook complained when I hadn't enabled it. Would it be better to try to set up a recursor in front of pdns-server, and then disable recursion on the server? One doesn't "go in

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread David
On 2017-07-21 11:07 AM, Rune Sørensen wrote: I'm running pdns-server, as you guessed. I only enabled recursion, because nslook complained when I hadn't enabled it. Would it be better to try to set up a recursor in front of pdns-server, and then disable recursion on the server? If you need this

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Rune Sørensen
I'm running pdns-server, as you guessed. I only enabled recursion, because nslook complained when I hadn't enabled it. Would it be better to try to set up a recursor in front of pdns-server, and then disable recursion on the server? On Fri, 21 Jul 2017 at 16:48, Brian Candler wrote: > On 21/07/2

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Brian Candler
On 21/07/2017 15:21, Rune Sørensen wrote: OK, dig outputs using the actual domain. The server 10.255.0.3 that you are running dig against: is it running pdns-server (the authoritative server), or pdns-recursor? If it's pdns-server, then I would not expect it to return any results for a domain

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Rune Sørensen
OK, dig outputs using the actual domain. Also, a bit more info on the setup: We have a PowerDNS server running on our local network handling the flcn.io domain We also have flcn.io in Cloudflare DNS, for authorizing SSL certs with Let's Encrypt test1.flcn.io - CNAME in PowerDNS pointing to A

Re: [Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Aki Tuomi
On 21.07.2017 15:04, Rune Sørensen wrote: > Hey gurus. > > I have a strange issue with CNAME records that I hope you can help me > solve, or at least clarify why it is like this. > > I have a CNAME, service.my-domain.com , > pointing to host.other-domain.com

[Pdns-users] PowerDNS and CNAMEs

2017-07-21 Thread Rune Sørensen
Hey gurus. I have a strange issue with CNAME records that I hope you can help me solve, or at least clarify why it is like this. I have a CNAME, service.my-domain.com, pointing to host.other-domain.com. Now, if the A record for host.other-domain.com is managed by my PowerDNS, this works fine. If,