powerDNS with SQLite backend as a slave for BIND

2016-08-21 (Last Modified: 2024-08-04)

(powerDNS)[https://www.powerdns.com] it’s a great alternative for large and complex BIND setup. Light footprint, and quick setup made that server as my obvious choice for slave server for primary BIND server. So let’s config begins:

Let’s download software first:

sudo yum install pdns-backend-sqlite

Then we have to pull schema which PDNS will use to store records:

wget https://raw.githubusercontent.com/PowerDNS/pdns/master/modules/gsqlite3backend/schema.sqlite3.sql

Let’s create some some sqlite database:

mkdir /var/db/pdns
sqlite3 /var/db/pdns/pdns.db
.read schema.sqlite3.sql
.quit

If we are setting up slave – we need tell who is supermaster:

sqlite3 /var/db/pdns/pdns.db 'insert into supermasters values ('x.x.x.x', 'ns1.domain.com', 'admin');'

Or we can just use build in commandline tool:

pdnsutil add-autoprimary x.x.x.x ns1.domain.com admin

Let’s make sure that pdns.db is writeable:

chown -R pdns:pdns /var/db/pdns

pdns.conf it’s also straight forward:

nano /etc/pdns/pdns.conf

setuid=pdns
setgid=pdns
launch=gsqlite3
gsqlite3-database=/var/db/pdns/pdns.db
slave=yes
superslave=yes

finally we can check if master allows us to make transfer:

dig @ns1.gex.pl spidersoft.com.au AXFR

On bind end config is super simple:

options {
    notify explicit;
    also-notify { x.x.x.x; y.y.y.y; };
    allow-notify { x.x.x.x; y.y.y.y; };
    allow-transfer { x.x.x.x; y.y.y.y; };
    ...

you can force zone transfer by:

rndc notify example.com

and check on the other end if it’s working:

pdnsutil list-all-zones