After seeing the article recently, I was very surprised that someone else was wondering how to automatically register DNS on the secondary server. I want to share my version of "Automate slave DNS support", which I have been using for many years. It may not suit everyone, but it's pretty simple.
I use PowerDNS as the secondary and Bind as the master, although any other server that can send DNS NOTIFY when a zone is changed or created will do (I have been looking at YADIFA, but have not gotten around to it yet). It is this feature that we will use to create and change zones on the secondary server. The only drawback is zone deletion: on the slave, a deleted zone must be removed manually. Removed zones are clearly visible in the logs and, if necessary, you can put together a script to automate the process; my zones are rarely removed, so there was no such need.
If you are interested in this article, you probably already have an idea of how to configure the master or, if you wish, can find material on its configuration yourself. In the case of Bind, I want to note that the following option must be specified in the config file:
notify yes;
So, we have two hosts 10.0.0.1 (ns.server.net) and 10.0.0.2 (ns0.server.net), where ns.server.net is primary and ns0.server.net is secondary.
We describe them in the server.net domain file:
@    IN NS ns.server.net.
@    IN NS ns0.server.net.
ns   IN A  10.0.0.1
ns0  IN A  10.0.0.2
We proceed to the installation and configuration of Pdns. On my Debian servers:
apt-get install pdns-backend-sqlite3
This will automatically pull in pdns-server and sqlite3, as well as everything else needed to start the PowerDNS server with SQLite v3, which is used to store DNS records. SQLite3 was chosen because it needs little attention, but nothing prevents you from choosing another option.
[skip]
creating database pdns.sqlite3: success.
verifying database pdns.sqlite3 exists: success.
populating database via sql... done.
Processing triggers for pdns-server ...
[ ok ] Restarting PowerDNS Authoritative Name Server: pdns.
So, we have an installed PowerDNS server with a SQLite3 database. On distributions other than Debian, you may have to configure the database manually. Unfortunately, there is an error in the package, and for the server to see the database you need to comment out one line.
In the /etc/powerdns/pdns.d/pdns.simplebind file, you need to delete or comment out the line
bind-config=/etc/powerdns/bindbackend.conf
Also in the config you need to declare the server as secondary:
/etc/powerdns/pdns.conf
slave=yes
Now we can register the Master DNS in the Sqlite database:
cd /var/lib/powerdns
sqlite3 pdns.sqlite3
sqlite> INSERT INTO supermasters VALUES('10.0.0.1','ns.server.net','master');
sqlite> .quit
This completes the setup, but that's not all: now the zones need to be loaded into the SQLite database, and there are two ways to do it.
The easiest, in my opinion, is to update the serial on the master so that it sends a DNS NOTIFY to the slave, informing it about our domains and forcing it to pick them up.
On the master it looks like this:
master named[12318]: reloading configuration succeeded
master named[12318]: reloading zones succeeded
master named[12318]: zone server.net/IN: loaded serial 1
master named[12318]: zone server.net/IN: sending notifies (serial 1)
master named[12318]: client 10.0.0.2
On the secondary:
slave pdns[21225]: Received NOTIFY for server.net from 10.0.0.1 for which we are not authoritative
slave pdns[21225]: Created new slave zone 'server.net' from supermaster 10.0.0.1, queued axfr
slave pdns[21225]: Initiating transfer of 'server.net' from remote '10.0.0.1'
slave pdns[21225]: gsqlite3: connection to '/var/lib/powerdns/pdns.sqlite3' successful
slave pdns[21225]: 1 slave domain needs checking, 0 queued for AXFR
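With a supermaster configured, the secondary starts serving every zone that master notifies it about, so the "Created new slave zone" lines above are worth auditing. The following is an added example, not part of the original post: it flags auto-created zones missing from an operator-kept list and NOTIFYs that never led to a zone. The function names, the expected-zone list and all sample log lines after the first two are assumptions.

```python
import re

# Message formats are taken from the PowerDNS log lines quoted in this post.
NOTIFY_RE = re.compile(
    r"Received NOTIFY for (\S+) from (\S+) for which we are not authoritative")
CREATED_RE = re.compile(
    r"Created new slave zone '([^']+)' from supermaster ([^,\s]+)")

def norm(zone):
    """Compare zone names case-insensitively and without a trailing dot."""
    return zone.rstrip(".").lower()

def audit(lines, expected_zones, supermasters):
    """Return (created, findings) for a sequence of secondary log lines."""
    expected = {norm(z) for z in expected_zones}
    created, pending, findings = {}, {}, []
    for line in lines:
        m = NOTIFY_RE.search(line)
        if m:
            # Remember the NOTIFY until a matching auto-creation shows up.
            pending[norm(m.group(1))] = m.group(2)
            continue
        m = CREATED_RE.search(line)
        if m:
            zone, ip = norm(m.group(1)), m.group(2)
            pending.pop(zone, None)
            created[zone] = ip
            if ip not in supermasters:
                findings.append(("unknown-supermaster", zone, ip))
            if zone not in expected:
                findings.append(("unexpected-zone", zone, ip))
    # NOTIFYs for unknown zones that never led to a zone being created.
    findings += [("notify-not-provisioned", z, ip) for z, ip in pending.items()]
    return created, findings

# Constructed sample: the first two lines match the post, the rest are made up.
SAMPLE = [
    "slave pdns[21225]: Received NOTIFY for server.net from 10.0.0.1 for which we are not authoritative",
    "slave pdns[21225]: Created new slave zone 'server.net' from supermaster 10.0.0.1, queued axfr",
    "slave pdns[21225]: Received NOTIFY for shadow.example from 10.0.0.1 for which we are not authoritative",
    "slave pdns[21225]: Created new slave zone 'shadow.example' from supermaster 10.0.0.1, queued axfr",
    "slave pdns[21225]: Received NOTIFY for other.example from 192.0.2.7 for which we are not authoritative",
]

if __name__ == "__main__":
    created, findings = audit(SAMPLE, {"server.net"}, {"10.0.0.1"})
    for kind, zone, ip in findings:
        print(f"{kind}: zone={zone} source={ip}")
```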
As an alternative, I can suggest inserting the domains directly into SQLite:
INSERT INTO "domains" VALUES(1,'domain.ru','10.0.0.1',0,'SLAVE',NULL,'master');
INSERT INTO "domains" VALUES(2,'domain.su','10.0.0.1',0,'SLAVE',NULL,'master');
INSERT INTO "domains" VALUES(3,'domain.com','10.0.0.1',0,'SLAVE',NULL,'master');
Here 0 is the zone serial; it will obviously be larger on the master, and therefore an update will occur.
slave pdns[21225]: Received serial number updates for 1 zones, had 0 timeouts
slave pdns[21225]: Domain server.net is stale, master serial 3, our serial 0
slave pdns[21225]: Initiating transfer of 'server.net' from remote '10.0.0.1'
slave pdns[21225]: AXFR started for 'server.net', transaction started
I hope now the issue of automatic creation of domains on the secondary server will no longer bother you.