PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0

support BIND 'IP port PORT' syntax in named.conf #6240

Open hellweiss opened 6 years ago

hellweiss commented 6 years ago

Short description

I have to add the IP twice in named.conf for AXFR to work properly.

zone "elkb-sap.portal.intern.net" in {
   type slave;
   file "/usr/local/etc/pdns/elkb-sap.portal.intern.net";
   masters {
     10.1.0.107:5300;
     10.1.0.107;
   };
 };

or I get:

Received NOTIFY for elkb-sap.portal.intern.net from 10.1.0.107 which is not a master

on slave and:

Received unsuccessful notification report for 'elkb-sap.portal.intern.net' from 10.1.0.108:5300, error: Query Refused
Removed from notification list: 'elkb-sap.portal.intern.net' to 10.1.0.108:5300 Query Refused

on master.

Environment

Expected behaviour

IP and port in named.conf should work. Or, as in the named.conf man page:

10.1.0.107 port 5300;

Actual behaviour

Have to add IP and IP and Port for AXFR to work properly.

Description

I've installed the Authoritative Server on port 5300 and the Recursor on port 53 because we are a small company. I am using BIND zone files for the same reason and because my coworkers are used to editing (dealing with) BIND zone files. Now when I install a slave and change the zone file, the Authoritative Server always tries to connect to the slave on port 53, but that is where the Recursor service is running.

So I have changed the following pdns.conf parameters on master:

allow-axfr-ips=10.1.0.108
also-notify=10.1.0.108:5300
only-notify=

and on slave:

allow-notify-from=10.1.0.107

The named.conf man Page says:

Masters
masters string [ port integer ] {
    ( masters | ipv4_address [port integer] |
    ipv6_address [port integer] ) [ key string ]; ... 
   }; 

But

   masters {
     10.1.0.107 port 5300;
   };

gives

Error parsing bind configuration: Error in bind configuration '.../named.conf' on line 5: syntax error

Thanks

isi

pieterlexis commented 6 years ago

Hi,

The IP port PORT syntax is indeed not supported by the bindparser (and should be fixed); this can be faked within PowerDNS by using the "IP:PORT" syntax. But this is unrelated to the notification issue. The configuration as you posted should work (i.e. only sending a NOTIFY to the port provided in the also-notify setting).

Is this the case, or do you get other errors? And if so, can you provide the full configuration for both the master and the server so we can try to reproduce this issue?

Thanks!
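
The "IP:PORT" workaround from the comment above, as an added example that is not part of the thread or of PowerDNS itself: a small Python script that rewrites `ADDRESS port NUMBER` entries inside zone-level `masters { ... }` clauses to `ADDRESS:NUMBER`. The function names, the sample zone text and the bracketed `[ADDRESS]:NUMBER` form used for IPv6 are assumptions of this example.

```python
import ipaddress
import re

# Body of a zone-level `masters { ... }` clause (no nested braces, no comments).
MASTERS_RE = re.compile(r"(masters\s*\{)([^{}]*)(\})", re.IGNORECASE)
# One entry in BIND's `ADDRESS port NUMBER` form.
ENTRY_RE = re.compile(r"^(\S+)\s+port\s+(\d+)$", re.IGNORECASE)

# Constructed sample, modelled on the zone stanza quoted in the issue.
SAMPLE = '''zone "elkb-sap.portal.intern.net" in {
   type slave;
   file "/usr/local/etc/pdns/elkb-sap.portal.intern.net";
   masters {
     10.1.0.107 port 5300;
   };
 };
'''


def convert_entry(entry: str) -> str:
    """Rewrite `ADDR port N` as `ADDR:N`; leave any other entry unchanged."""
    entry = entry.strip()
    m = ENTRY_RE.match(entry)
    if not m:
        return entry  # plain address, existing IP:PORT, or keyed entry
    addr, port = m.group(1), int(m.group(2))
    if not 0 < port < 65536:
        raise ValueError(f"port out of range in {entry!r}")
    ip = ipaddress.ip_address(addr)  # raises ValueError for a non-address
    # Assumption: IPv6 with a port is written in bracketed form.
    return f"[{addr}]:{port}" if ip.version == 6 else f"{addr}:{port}"


def convert_masters(conf: str) -> str:
    """Convert the entries of every zone-level masters clause in `conf`."""
    def repl(m: re.Match) -> str:
        entries = [e for e in m.group(2).split(";") if e.strip()]
        body = "".join(f"\n     {convert_entry(e)};" for e in entries)
        return f"{m.group(1)}{body}\n   {m.group(3)}"
    return MASTERS_RE.sub(repl, conf)


if __name__ == "__main__":
    print(convert_masters(SAMPLE))
```
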

hellweiss commented 6 years ago

Hi,

you are right, I removed the second IP Address <10.1.0.107;> from the named.conf and it works as expected. The only thing left is the support for the bind syntax.

Thanks.

hellweiss commented 6 years ago

Hi,

sorry, I forgot to restart the pdns_server service. If I remove the 10.1.0.107; from the slave's named.conf file I get

Received NOTIFY for elkb.de from 10.1.0.107 which is not a master

The error messages I get are the same as above. No special configuration here.

On Master:

also-notify=10.1.0.108:5300
config-dir=/usr/local/etc/pdns
daemon=yes
distributor-threads=1
do-ipv6-additional-processing=yes
launch=bind
bind-config=/usr/local/etc/pdns/named.conf
bind-check-interval=300
local-address=127.0.0.1, 10.1.0.107
local-ipv6=::1, fd05:a7aa:dee8:1000:10:1:0:107
local-port=5300
master=yes
only-notify=
security-poll-suffix=
server-id=ns0

on slave:

config-dir=/usr/local/etc/pdns
daemon=yes
distributor-threads=1
do-ipv6-additional-processing=yes
launch=bind
bind-config=/usr/local/etc/pdns/named.conf
bind-check-interval=300
local-address=127.0.0.1, 10.1.0.108
local-ipv6=::1, fd05:a7aa:dee8:1000:10:1:0:108
local-port=5300
security-poll-suffix=
server-id=ns1
slave=yes