Difference between revisions of "PowerDNS: Membuat Zone dan Record di PowerDNS"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (New page: Configuration The following settings need to be changed in /etc/powerdns/pdns.conf: Allowed Zone Transfers ################################# # allow-axfr-ips If enabled, restrict zone...) |
Onnowpurbo (talk | contribs) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | ==Konfigurasi PowerDNS== | |
| − | + | Di sisi MASTER: | |
| − | |||
| − | + | Ubah konfigurasi /etc/powerdns/pdns.conf: | |
| − | |||
| − | |||
| − | |||
| − | + | ===Allowed Zone Transfers=== | |
| − | + | ################################# | |
| + | # allow-axfr-ips If enabled, restrict zonetransfers to originate from these | ||
| + | # IP addresses | ||
| + | allow-axfr-ips=127.0.0.1 ::1 192.0.2.0/24 2001:db8::/64 | ||
| + | |||
| − | + | ===Enable Zone Transfers=== | |
| − | |||
| − | |||
| − | |||
| − | ################################# | + | ################################# |
| + | # disable-axfr Disable zonetransfers but do allow TCP queries | ||
| + | # | ||
| + | disable-axfr=no | ||
| − | |||
| − | + | ===Server IP Address=== | |
| − | |||
| − | |||
| − | |||
| − | ################################# | + | ################################# |
| − | # local- | + | # local-address Local IP address to which we bind |
| − | # | + | # |
| − | local- | + | local-address=192.168.0.100 |
| − | ################################# | + | ################################# |
| + | # local-ipv6 Local IP address to which we bind | ||
| + | # | ||
| + | # local-ipv6=2001:db8::41 | ||
| − | |||
| − | + | ===Berfungsi sebagai Master Server=== | |
| − | |||
| − | |||
| − | |||
| − | ################################# | + | ################################# |
| + | # master Act as a master | ||
| + | # | ||
| + | master=yes | ||
| − | Source Address | + | |
| + | ===Source Address=== | ||
By default PowerDNS will use the last defined IP address as source address to send out DNS NOTIFY messages to slaves. | By default PowerDNS will use the last defined IP address as source address to send out DNS NOTIFY messages to slaves. | ||
| Line 49: | Line 48: | ||
The slave servers, will not accept any NOTIFY messages, if they are not coming from the defined master server of a domain. Here is how we tell PowerDNS to use its dedicated IPv4 and IPv6 addresses for outgoing connections: | The slave servers, will not accept any NOTIFY messages, if they are not coming from the defined master server of a domain. Here is how we tell PowerDNS to use its dedicated IPv4 and IPv6 addresses for outgoing connections: | ||
| − | ################################# | + | ################################# |
| − | # query-local-address The IP address to use as a source address for sending | + | # query-local-address The IP address to use as a source address for sending |
| − | # queries. | + | # queries. |
| − | query-local-address=192.0.2.41 | + | query-local-address=192.0.2.41 |
| − | query-local-address6=2001:db8::41 | + | query-local-address6=2001:db8::41 |
| − | + | ==Server Restart== | |
| − | + | sudo service pdns restart | |
| − | + | ==Import Zone-Files== | |
| − | |||
| − | Import Zone-Files | ||
If you already have zone files, from previous DNS servers or 3rd-party providers, you can import them as follows: | If you already have zone files, from previous DNS servers or 3rd-party providers, you can import them as follows: | ||
| − | $ zone2sql --zone=example.com.zone \ | + | $ zone2sql --zone=example.com.zone \ |
| − | + | --zone-name=example.com \ | |
| − | + | --gmysql --transactions --verbose \ | |
| − | + | > example.com.zone.sql | |
| − | 1 domains were fully parsed, containing 49 records | + | 1 domains were fully parsed, containing 49 records |
| − | $ mysql -u root -p pdns < example.com.zone.sql | + | $ mysql -u root -p pdns < example.com.zone.sql |
| − | Enter password: | + | Enter password: |
And done. Very easy. | And done. Very easy. | ||
| − | Secondary Server | + | |
| + | ==Secondary Server== | ||
Let’s assume our master server has the IP address 2001:db8::41 and the new slave will have the IP address 2001:db8::42. | Let’s assume our master server has the IP address 2001:db8::41 and the new slave will have the IP address 2001:db8::42. | ||
| Line 81: | Line 79: | ||
To set up a PowerDNS as secondary slave DNS server. | To set up a PowerDNS as secondary slave DNS server. | ||
| − | Install MariaDB and PowerDNS | + | |
| + | ==Install MariaDB and PowerDNS== | ||
See above. Also add the MySQL tables as above. | See above. Also add the MySQL tables as above. | ||
Copy the configuration file from the master and change following things: | Copy the configuration file from the master and change following things: | ||
| + | |||
Slave Server IP Addresses | Slave Server IP Addresses | ||
| − | ################################# | + | ################################# |
| − | # local-address Local IP address to which we bind | + | # local-address Local IP address to which we bind |
| − | # | + | # |
| − | local-address=192.0.2.42 | + | local-address=192.0.2.42 |
| − | ################################# | + | ################################# |
| − | # local-ipv6 Local IP address to which we bind | + | # local-ipv6 Local IP address to which we bind |
| − | # | + | # |
| − | local-ipv6=2001:db8::42 | + | local-ipv6=2001:db8::42 |
Setup PowerDNS as a Slave | Setup PowerDNS as a Slave | ||
| − | ################################# | + | ################################# |
| − | # master Act as a master | + | # master Act as a master |
| − | # | + | # |
| − | master=no | + | master=no |
| − | ################################# | + | ################################# |
| − | # slave Act as a slave | + | # slave Act as a slave |
| − | # | + | # |
| − | slave=yes | + | slave=yes |
Restart the slave server: | Restart the slave server: | ||
| − | $ sudo service pdns restart | + | $ sudo service pdns restart |
| − | Add Domain Record on Slave Server | + | ==Add Domain Record on Slave Server== |
Open a MySQL database server sesssion: | Open a MySQL database server sesssion: | ||
| − | slave$ mysql -u root -p pdns | + | slave$ mysql -u root -p pdns |
Add the the domain along with the IP address of the master server as follows: | Add the the domain along with the IP address of the master server as follows: | ||
| − | + | INSERT INTO `domains` (`name`, `master`, `type`) | |
| − | + | VALUES('example.com', '2001:db8::41', 'SLAVE'); | |
Add Slave Record on Master Server | Add Slave Record on Master Server | ||
| Line 129: | Line 129: | ||
Open a MySQL database server sesssion: | Open a MySQL database server sesssion: | ||
| − | master$ mysql -u root -p pdns | + | master$ mysql -u root -p pdns |
Add a NS record and IP addresses of the new slave to the domain: | Add a NS record and IP addresses of the new slave to the domain: | ||
| − | + | INSERT INTO `records` (`domain_id`, `name`, `type`, `content`) | |
| − | + | VALUES( | |
| − | + | (SELECT `id` FROM `domains` WHERE `name` = 'example.com'), | |
| − | + | 'example.com', | |
| − | + | 'NS', | |
| − | + | 'ns2.example.com' | |
| − | + | ); | |
| − | + | INSERT INTO `records` (`domain_id`, `name`, `type`, `content`) | |
| − | + | VALUES( | |
| − | + | (SELECT `id` FROM `domains` WHERE `name` = 'example.com'), | |
| − | + | 'ns2.example.com', | |
| − | + | 'A', | |
| − | + | '192.0.2.42' | |
| − | + | ); | |
| − | + | INSERT INTO `records` (`domain_id`, `name`, `type`, `content`) | |
| − | + | VALUES( | |
| − | + | (SELECT `id` FROM `domains` WHERE `name` = 'example.com'), | |
| − | + | 'ns2.example.com', | |
| − | + | 'AAAA', | |
| − | + | '2001:db8::42' | |
| − | + | ); | |
| − | Delete a Domain | + | ==Delete a Domain== |
Let say you want to remove the domain example.org completely. | Let say you want to remove the domain example.org completely. | ||
| − | + | DELETE FROM `domainmetadata` WHERE `domain_id` = ( | |
| − | + | SELECT `id` FROM `domains` WHERE `name` = "example.org" | |
| − | + | ); | |
| − | + | DELETE FROM `records` WHERE `domain_id` = ( | |
| − | + | SELECT `id` FROM `domains` WHERE `name` = "example.org" | |
| − | + | ); | |
| − | + | DELETE FROM `comments` WHERE `domain_id` = ( | |
| − | + | SELECT `id` FROM `domains` WHERE `name` = "example.org" | |
| − | + | ); | |
| − | + | DELETE FROM `cryptokeys` WHERE `domain_id` = ( | |
| − | + | SELECT `id` FROM `domains` WHERE `name` = "example.org" | |
| − | + | ); | |
| − | + | DELETE FROM `domains` WHERE `name` = "example.org"; | |
This same procedure needs to be done on every master or slave sever. | This same procedure needs to be done on every master or slave sever. | ||
Latest revision as of 09:27, 5 June 2015
Konfigurasi PowerDNS
Di sisi MASTER:
Ubah konfigurasi /etc/powerdns/pdns.conf:
Allowed Zone Transfers
################################# # allow-axfr-ips If enabled, restrict zonetransfers to originate from these # IP addresses allow-axfr-ips=127.0.0.1 ::1 192.0.2.0/24 2001:db8::/64
Enable Zone Transfers
################################# # disable-axfr Disable zonetransfers but do allow TCP queries # disable-axfr=no
Server IP Address
################################# # local-address Local IP address to which we bind # local-address=192.168.0.100
################################# # local-ipv6 Local IP address to which we bind # # local-ipv6=2001:db8::41
Berfungsi sebagai Master Server
################################# # master Act as a master # master=yes
Source Address
By default PowerDNS will use the last defined IP address as source address to send out DNS NOTIFY messages to slaves.
The slave servers, will not accept any NOTIFY messages, if they are not coming from the defined master server of a domain. Here is how we tell PowerDNS to use its dedicated IPv4 and IPv6 addresses for outgoing connections:
################################# # query-local-address The IP address to use as a source address for sending # queries. query-local-address=192.0.2.41 query-local-address6=2001:db8::41
Server Restart
sudo service pdns restart
Import Zone-Files
If you already have zone files, from previous DNS servers or 3rd-party providers, you can import them as follows:
$ zone2sql --zone=example.com.zone \
--zone-name=example.com \
--gmysql --transactions --verbose \
> example.com.zone.sql
1 domains were fully parsed, containing 49 records
$ mysql -u root -p pdns < example.com.zone.sql
Enter password:
And done. Very easy.
Secondary Server
Let’s assume our master server has the IP address 2001:db8::41 and the new slave will have the IP address 2001:db8::42.
In the real world a DNS slave would be on entirely another subnet.
To set up a PowerDNS as secondary slave DNS server.
Install MariaDB and PowerDNS
See above. Also add the MySQL tables as above.
Copy the configuration file from the master and change following things:
Slave Server IP Addresses
################################# # local-address Local IP address to which we bind # local-address=192.0.2.42
################################# # local-ipv6 Local IP address to which we bind # local-ipv6=2001:db8::42
Setup PowerDNS as a Slave
################################# # master Act as a master # master=no
################################# # slave Act as a slave # slave=yes
Restart the slave server:
$ sudo service pdns restart
Add Domain Record on Slave Server
Open a MySQL database server sesssion:
slave$ mysql -u root -p pdns
Add the the domain along with the IP address of the master server as follows:
INSERT INTO `domains` (`name`, `master`, `type`)
VALUES('example.com', '2001:db8::41', 'SLAVE');
Add Slave Record on Master Server
Open a MySQL database server sesssion:
master$ mysql -u root -p pdns
Add a NS record and IP addresses of the new slave to the domain:
INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
VALUES(
(SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
'example.com',
'NS',
'ns2.example.com'
);
INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
VALUES(
(SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
'ns2.example.com',
'A',
'192.0.2.42'
);
INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
VALUES(
(SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
'ns2.example.com',
'AAAA',
'2001:db8::42'
);
Delete a Domain
Let say you want to remove the domain example.org completely.
DELETE FROM `domainmetadata` WHERE `domain_id` = (
SELECT `id` FROM `domains` WHERE `name` = "example.org"
);
DELETE FROM `records` WHERE `domain_id` = (
SELECT `id` FROM `domains` WHERE `name` = "example.org"
);
DELETE FROM `comments` WHERE `domain_id` = (
SELECT `id` FROM `domains` WHERE `name` = "example.org"
);
DELETE FROM `cryptokeys` WHERE `domain_id` = (
SELECT `id` FROM `domains` WHERE `name` = "example.org"
);
DELETE FROM `domains` WHERE `name` = "example.org";
This same procedure needs to be done on every master or slave sever.