PowerDNS: Creating Zones and Records in PowerDNS

From OnnoWiki
Revision as of 09:50, 1 June 2015 by Onnowpurbo

Configuration

The following settings need to be changed in /etc/powerdns/pdns.conf:

Allowed Zone Transfers

   # allow-axfr-ips If enabled, restrict zonetransfers to originate from these
   # IP addresses
   allow-axfr-ips=127.0.0.1 ::1 192.0.2.0/24 2001:db8::/64

Enable Zone Transfers

   # disable-axfr Disable zonetransfers but do allow TCP queries
   disable-axfr=no

Server IP Address

   # local-address Local IP address to which we bind
   local-address=192.0.2.41

   # local-ipv6 Local IP address to which we bind
   local-ipv6=2001:db8::41

Act as Master Server

   # master Act as a master
   master=yes

Source Address

By default, PowerDNS will use the last defined IP address as the source address to send out DNS NOTIFY messages to slaves.

The slave servers will not accept any NOTIFY messages that do not come from the defined master server of a domain. Here is how we tell PowerDNS to use its dedicated IPv4 and IPv6 addresses for outgoing connections:

   # query-local-address The IP address to use as a source address for sending
   # queries.
   query-local-address=192.0.2.41
   query-local-address6=2001:db8::41

Server Restart

$ sudo service pdns restart

Import Zone-Files

If you already have zone files, from previous DNS servers or 3rd-party providers, you can import them as follows:

$ zone2sql --zone=example.com.zone \
          --zone-name=example.com \
          --gmysql --transactions --verbose \
          > example.com.zone.sql
1 domains were fully parsed, containing 49 records
$ mysql -u root -p pdns < example.com.zone.sql
Enter password:

And done. Very easy.

Secondary Server

Let’s assume our master server has the IP address 2001:db8::41 and the new slave will have the IP address 2001:db8::42.

In the real world a DNS slave would be on entirely another subnet.

To set up PowerDNS as a secondary (slave) DNS server:

Install MariaDB and PowerDNS

See above. Also add the MySQL tables as above.

Copy the configuration file from the master and change the following things:

Slave Server IP Addresses

   # local-address Local IP address to which we bind
   local-address=192.0.2.42

   # local-ipv6 Local IP address to which we bind
   local-ipv6=2001:db8::42

Setup PowerDNS as a Slave

   # master Act as a master
   master=no

   # slave Act as a slave
   slave=yes

Restart the slave server:

$ sudo service pdns restart

Add Domain Record on Slave Server

Open a MySQL database server session:

slave$ mysql -u root -p pdns

Add the domain along with the IP address of the master server as follows:

   INSERT INTO `domains` (`name`, `master`, `type`)
       VALUES('example.com', '2001:db8::41', 'SLAVE');

Add Slave Record on Master Server

Open a MySQL database server session:

master$ mysql -u root -p pdns

Add an NS record and the IP addresses of the new slave to the domain:

   INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
       VALUES(
           (SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
           'example.com',
           'NS',
           'ns2.example.com'
   );
   INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
       VALUES(
           (SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
           'ns2.example.com',
           'A',
           '192.0.2.42'
   );
   INSERT INTO `records` (`domain_id`, `name`, `type`, `content`)
       VALUES(
           (SELECT `id` FROM `domains` WHERE `name` = 'example.com'),
           'ns2.example.com',
           'AAAA',
           '2001:db8::42'
   );
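
As an added example (not part of the original page or of PowerDNS itself), the following Python script audits the master settings shown above: it flags allow-axfr-ips entries wider than a single host and checks that the NOTIFY source address matches the master address stored in the slave's domains table. The function names and the slave inventory passed in are assumptions made for this illustration.

```python
import ipaddress

# Settings as shown on this page (documentation addresses, master server).
PAGE_CONF = """\
allow-axfr-ips=127.0.0.1 ::1 192.0.2.0/24 2001:db8::/64
disable-axfr=no
master=yes
query-local-address=192.0.2.41
query-local-address6=2001:db8::41
"""

def parse_pdns_conf(text):
    """Return {setting: value} from pdns.conf text, skipping '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit_axfr(conf, slaves, master_on_slave):
    """slaves: addresses that must be able to AXFR (assumed inventory).
    master_on_slave: `master` value stored in the slave's domains table."""
    if conf.get("disable-axfr", "no") != "no":
        return ["disable-axfr is set: slaves cannot transfer zones"]
    if "allow-axfr-ips" not in conf:
        return ["allow-axfr-ips is unset: the installed version's default applies"]
    findings = []
    nets = [ipaddress.ip_network(n, strict=False)
            for n in conf["allow-axfr-ips"].replace(",", " ").split()]
    slave_ips = [ipaddress.ip_address(s) for s in slaves]
    for net in nets:  # ranges wider than one host let non-slaves pull the zone
        if net.num_addresses > 1:
            used = [str(s) for s in slave_ips if s in net]
            findings.append(f"{net} admits {net.num_addresses} addresses, "
                            f"slaves inside it: {used}")
    for s in slave_ips:
        if not any(s in net for net in nets):
            findings.append(f"slave {s} is not allowed to AXFR")
    sources = {ipaddress.ip_address(conf[k]) for k in
               ("query-local-address", "query-local-address6") if k in conf}
    if ipaddress.ip_address(master_on_slave) not in sources:
        findings.append(f"NOTIFY source differs from {master_on_slave}")
    return findings

if __name__ == "__main__":
    slaves = ["192.0.2.42", "2001:db8::42"]  # the slave from this page
    for finding in audit_axfr(parse_pdns_conf(PAGE_CONF), slaves, "2001:db8::41"):
        print("WARN:", finding)
```

Run against the page's values, it reports the /24 and /64 entries; listing only 192.0.2.42 and 2001:db8::42 next to the loopback addresses clears both findings.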

Delete a Domain

Let's say you want to remove the domain example.org completely.

   DELETE FROM `domainmetadata` WHERE `domain_id` = (
       SELECT `id` FROM `domains` WHERE `name` = 'example.org'
   );
   DELETE FROM `records` WHERE `domain_id` = (
       SELECT `id` FROM `domains` WHERE `name` = 'example.org'
   );
   DELETE FROM `comments` WHERE `domain_id` = (
       SELECT `id` FROM `domains` WHERE `name` = 'example.org'
   );
   DELETE FROM `cryptokeys` WHERE `domain_id` = (
       SELECT `id` FROM `domains` WHERE `name` = 'example.org'
   );
   DELETE FROM `domains` WHERE `name` = 'example.org';

This same procedure needs to be done on every master or slave server.



