pdns_control appears with wrong IP on slave - supermaster setup

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Hi,

I am trying to initiate a master slave setup. I setup a master and a
slave with the same zone2sql.sql output and set one domain to slave in
the domains table on the slave and inserted a record into supermasters
on the slave.

deadbeef.de has nameservers ns1.cafebabe.de (1.1.1.19) and
ns2.cafebabe.de (2.2.2.2). Both are using mysql backend.

ns1.cafebabe.de is on debian oldstable (3.1-4.1), ns2.cafebabe.de is on
debian stable (3.4.1-4+deb8u3).

The master has several IP Addresses:
1.1.1.18
1.1.1.19
1.1.1.20

The master is ns1.cafebabe.de - the slave is ns2.cafebabe.de

Master config (I omit stuff like logging setup and such):

allow-axfr-ips=2.2.2.2/32 1.1.1.19/32
disable-axfr=no
local-address=1.1.1.19
master=yes

domains table:

+----+-------------+--------+------------+--------+-----------------+---------+
| id | name        | master | last_check | type   | notified_serial |
account |
+----+-------------+--------+------------+--------+-----------------+---------+
| 32 | deadbeef.de | NULL   |       NULL | MASTER |      1449513605 |
NULL    |
+----+-------------+--------+------------+--------+-----------------+---------+

records table:

+-----+-----------+-------------+------+-----------------------------------------------------------------------------+--------+-------+-------------+----------+-----------+------+
| id  | domain_id | name        | type | content                        
                                             | ttl    | prio  |
change_date | disabled | ordername | auth |
+-----+-----------+-------------+------+-----------------------------------------------------------------------------+--------+-------+-------------+----------+-----------+------+
| 333 |        32 | deadbeef.de | SOA  | ns2.cafebabe.de.
hostmaster.deadbeef.de. 1449513605 16384 2048 1048576 2560 | 259200 |    
  0 |        NULL |        0 |           |    1 |
| 334 |        32 | deadbeef.de | A    | 1.1.1.20                        
                                             |  86400 |     0 |        
NULL |        0 |           |    1 |
| 336 |        32 | deadbeef.de | MX   | mail.deadbeef.de                
                                             |  86400 | 86400 |        
NULL |        0 |           |    1 |
| 337 |        32 | deadbeef.de | NS   | ns1.cafebabe.de                
                                             | 259200 |     0 |        
NULL |        0 |           |    1 |
| 338 |        32 | deadbeef.de | NS   | ns2.cafebabe.de                
                                             | 259200 |     0 |        
NULL |        0 |           |    1 |
+-----+-----------+-------------+------+-----------------------------------------------------------------------------+--------+-------+-------------+----------+-----------+------+


Slave config (I omit stuff like logging setup and such):

allow-dnsupdate-from=1.1.1.19
disable-axfr=no
local-address=2.2.2.2
slave=yes

domains table:

+----+-------------+--------+------------+-------+-----------------+---------+
| id | name        | master | last_check | type  | notified_serial |
account |
+----+-------------+--------+------------+-------+-----------------+---------+
| 30 | deadbeef.de | NULL   |       NULL | SLAVE |            NULL |
NULL    |
+----+-------------+--------+------------+-------+-----------------+---------+

supermasters table:

+----------+-----------------+---------+
| ip       | nameserver      | account |
+----------+-----------------+---------+
| 1.1.1.19 | ns1.cafebabe.de | admin   |
+----------+-----------------+---------+


The entries from records table are identical to the master's one.


This setup does not work:

If i enter command "pdns_control notify deadbeef.de" on the master
the slave says "Received NOTIFY for deadbeef.de from 1.1.1.18 which
is not a master".

If I understood correct it is checked for the nameservers in the record
and entry in supermasters. Here 1.1.1.18 will not match. It must not be
used and it is not configured. Why this strange IP?

When I try to fetch on the slave with "pdns_control retrieve
deadbeef.de" the slave says "Domain 'deadbeef.de' is not a slave domain
(or has no master defined)"

What else is wrong in my setup?

Kind Regards and any Help is highly appreciated.

Konstantin Kletschke

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Posner, Sebastian
Do not obfuscate the data.

Especially not to "funny" domains that DO exist and DO NOT belong to you.

On this list, you are by far more likely to get help if you provide the real data.

Main point for this is because if you obfuscate things, there's the danger you obfuscate the erroneous settings away. And users on this list like to invest time in debugging (other people's) problems that they maybe cannot even see.

Mit freundlichen Grüßen,

Sebastian
--
Sebastian Posner


> -----Original Message-----
> From: [hidden email] [mailto:pdns-users-
> [hidden email]] On Behalf Of Konstantin Kletschke
> Sent: Wednesday, December 09, 2015 8:56 AM
> To: [hidden email]
> Subject: [Pdns-users] pdns_control appears with wrong IP on slave -
> supermaster setup
>
> Hi,
>
> I am trying to initiate a master slave setup. I setup a master and a
> slave with the same zone2sql.sql output and set one domain to slave in
> the domains table on the slave and inserted a record into supermasters
> on the slave.
>
[obfuscated informations]

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Am 2015-12-09 11:14, schrieb Posner, Sebastian:
> Do not obfuscate the data.

After sending my mail yesterday I considered each of your argument. Each
of your argument is correct. I am sorry I did such a mess, the data is
public anyway and I should have think before sending. Obfuscating was a
messy work, introduces errors and people willing to poke into the living
setup are blocked. And yes, at least one domain is alive elsewhere.
Sorry!

Real data follows:

Master is ns1.ku-gbr.de (81.3.11.19) (IPs 81.3.11.18, 81.3.11.20
configured also)
Slave is ns2.ku-gbr.de (37.120.166.98)

The domain I choose testing this first is mig19.de.

Kind Regards
Konstantin

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
In reply to this post by Konstantin Kletschke
Hello,

yesterday I reviewed my config and did one significant change, there was
one error done by me.

As (not) said, the server/master has IPs 81.3.11.18, 81.3.11.19 and
81.3.11.20 available, but has

local-address=81.3.11.19 in its config.

Then on the slave, the nameserver FQDN defining the slave was wrong, now
it looks like this:

+------------+------------------+---------+
| ip         | nameserver       | account |
+------------+------------------+---------+
| 81.3.11.19 | ns2.ku-gbr.de.de | admin   |
+------------+------------------+---------+

Still I am testing on mig19.de and still face two problems:

If i enter command

"pdns_control notify mig19.de"

on the master the slave says

"Received NOTIFY for mig19.de from 81.3.11.18 which is not a master".

Of course 81.3.11.18 is not the master, 81.3.11.19 is. How comes that
notify reaches the slave from the wrong IP?
Can this be caused by firewall settings on the slave (master has none)?
TCP and UDP Port 53 is opened in both directions.

Additionally I don't see the cause of this:

When I try to fetch on the slave with

"pdns_control retrieve mig19.de"

the slave says

"Domain 'mig19.de' is not a slave domain (or has no master defined)"

This is the records output for mig19.de on master and slave (In SOA
record I changed ns2.ku-gbr.de to ns1.ku-gbr.de):

id, domain_id, name, type, content,ttl, prio, change_date, disabled,
ordername, auth

+-----+----+----------+-----+-------------------------------------+--------+-------+------+---+-+---+
| 333 | 32 | mig19.de | SOA | ns2.ku-gbr.de. hostmaster.mig19.de. |      
   |       |      |   | |   |
|     |    |          |     | 1449513605 16384 2048 1048576 2560  |
259200 |     0 | NULL | 0 | | 1 |
| 334 | 32 | mig19.de | A   | 1.1.1.20                            |  
86400 |     0 | NULL | 0 | | 1 |
| 336 | 32 | mig19.de | MX  | mail.mig19.de                       |  
86400 | 86400 | NULL | 0 | | 1 |
| 337 | 32 | mig19.de | NS  | ns1.ku-gbr.de                       |
259200 |     0 | NULL | 0 | | 1 |
| 338 | 32 | mig19.de | NS  | ns2.ku-gbr.de                       |
259200 |     0 | NULL | 0 | | 1 |
+-----+----+-------------+-----+----------------------------------+--------+-------+------+---+-+---+

Has this something to do with the type field for mig19.de in table
domains? Is this relevant in supermaster setup? Actually I tried NATIVE,
SLAVE and SUPERSLAVE, all the same...

Kind Regards
Konstantin



_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Koko Wijatmoko-2
On Thu, 10 Dec 2015 10:47:46 +0100
Konstantin Kletschke <[hidden email]> wrote:

> Then on the slave, the nameserver FQDN defining the slave was wrong, now
> it looks like this:
>
> +------------+------------------+---------+
> | ip         | nameserver       | account |
> +------------+------------------+---------+
> | 81.3.11.19 | ns2.ku-gbr.de.de | admin   |
> +------------+------------------+---------+
>
".de.de" ? typo ??

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Am 2015-12-10 11:04, schrieb Koko Wijatmoko:

> ".de.de" ? typo ??

Typo in the mail, sorry (don't know what happened).

Supermasters table looks (and looked) like this:

+------------+------------------+---------+
| ip         | nameserver       | account |
+------------+------------------+---------+
| 81.3.11.19 | ns2.ku-gbr.de    | admin   |
+------------+------------------+---------+



_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Martin
Have you tried specifying NS1's FQDN instead of NS2's in the supermaster
table, and having NS1 in the SOA record instead of NS2?

Martin


On 10-12-2015 11:15, Konstantin Kletschke wrote:

> Am 2015-12-10 11:04, schrieb Koko Wijatmoko:
>
>> ".de.de" ? typo ??
>
> Typo in the mail, sorry (don't know what happened).
>
> Supermasters table looks (and looked) like this:
>
> +------------+------------------+---------+
> | ip         | nameserver       | account |
> +------------+------------------+---------+
> | 81.3.11.19 | ns2.ku-gbr.de    | admin   |
> +------------+------------------+---------+
>
>
>
> _______________________________________________
> Pdns-users mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/pdns-users

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Hi Martin,

I changed SOA to mention ns1.ku-gbr.de as I like it better to have
ns1.ku-gbr.de as the main ns server anyway.
But into supermasters there has to go the IP of the master (ip), the
FQDN of the salve (nameserver) and a random string into (account), is
that correct?

Am 2015-12-10 17:57, schrieb Martin:
> Have you tried specifying NS1's FQDN instead of NS2's in the
> supermaster table, and having NS1 in the SOA record instead of NS2?

Slave setup (entries in records identical to master):

mysql> select * from records where name='mig19.de';
+-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
| id  | domain_id | name     | type | content                            
| ttl    | prio  | change_date | disabled | ordername | auth |
+-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
| 334 |        30 | mig19.de | A    | 81.3.11.20                        
|  86400 |     0 |        NULL |        0 |           |    1 |
| 336 |        30 | mig19.de | MX   | mail.ku-gbr.de                    
|  86400 | 86400 |        NULL |        0 |           |    1 |
| 337 |        30 | mig19.de | NS   | ns1.ku-gbr.de                      
| 259200 |     0 |        NULL |        0 |           |    1 |
| 338 |        30 | mig19.de | NS   | ns2.ku-gbr.de                      
| 259200 |     0 |        NULL |        0 |           |    1 |
| 333 |        30 | mig19.de | SOA  | ns1.ku-gbr.de.                    
|        |       |             |          |           |      |
|     |           |          |      | hostmaster.mig19.de.              
|        |       |             |          |           |      |
|     |           |          |      | 1449513605 16384 2048 1048576 2560
| 259200 |     0 |        NULL |        0 |           |    1 |
+-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
5 rows in set (0.00 sec)

mysql> select * from domains where name='mig19.de';
+----+----------+--------+------------+--------+-----------------+---------+
| id | name     | master | last_check | type   | notified_serial |
account |
+----+----------+--------+------------+--------+-----------------+---------+
| 30 | mig19.de | NULL   |       NULL | SUPERM |            NULL | NULL  
   |
+----+----------+--------+------------+--------+-----------------+---------+
1 row in set (0.00 sec)

mysql> select * from supermasters;
+------------+---------------+---------+
| ip         | nameserver    | account |
+------------+---------------+---------+
| 81.3.11.19 | ns1.ku-gbr.de | admin   |
+------------+---------------+---------+
1 row in set (0.00 sec)

When I enter command on the master:

"pdns_control notify mig19.de"

In the master's syslog this - still - appears:

Dec 11 07:24:50 kermit pdns[24806]: Received NOTIFY for mig19.de from
81.3.11.19 but slave support is disabled in the configuration

which is okay, since master gets notified also and does refuse to handle
as a slave. In the slave's syslog I see this:

Dec 11 07:25:00 v22015082965927173 pdns[6829]: Received NOTIFY for
mig19.de from 81.3.11.18 which is not a master
Dec 11 07:25:00 v22015082965927173 pdns_server[6810]: Dec 11 07:25:00
Received NOTIFY for mig19.de from 81.3.11.18 which is not a master

Note the difference on master and slave: "NOTIFY [...] from 81.3.11.19"
and "NOTIFY [...] from 81.3.11.18"

When I enter command to retrieve on the slave I get:

root@v22015082965927173:~# pdns_control retrieve mig19.de
Domain 'mig19.de' is not a slave domain (or has no master defined)

This may be related to the wrong entry "SUPERM" for type in domains
table on slave I actually see. Might happened while trying NULL, NATIVE,
SLAVE and SUPERSLAVE but ended putting SUPERM(ASTER) into by accident. I
tried many permutations already and messed up.

Kind Regards
Konstantin Kletschke
















_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Kees Monshouwer-2
query-local-address is your friend.

https://doc.powerdns.com/md/authoritative/settings/#query-local-address



On 12/11/2015 10:28 AM, Konstantin Kletschke wrote:

> Hi Martin,
>
> I changed SOA to mention ns1.ku-gbr.de as I like it better to have
> ns1.ku-gbr.de as the main ns server anyway.
> But into supermasters there has to go the IP of the master (ip), the
> FQDN of the salve (nameserver) and a random string into (account), is
> that correct?
>
> Am 2015-12-10 17:57, schrieb Martin:
>> Have you tried specifying NS1's FQDN instead of NS2's in the
>> supermaster table, and having NS1 in the SOA record instead of NS2?
>
> Slave setup (entries in records identical to master):
>
> mysql> select * from records where name='mig19.de';
> +-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
>
> | id  | domain_id | name     | type |
> content                            | ttl    | prio  | change_date |
> disabled | ordername | auth |
> +-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
>
> | 334 |        30 | mig19.de | A    |
> 81.3.11.20                         |  86400 |     0 |        NULL
> |        0 |           |    1 |
> | 336 |        30 | mig19.de | MX   |
> mail.ku-gbr.de                     |  86400 | 86400 |        NULL
> |        0 |           |    1 |
> | 337 |        30 | mig19.de | NS   |
> ns1.ku-gbr.de                      | 259200 |     0 |        NULL
> |        0 |           |    1 |
> | 338 |        30 | mig19.de | NS   |
> ns2.ku-gbr.de                      | 259200 |     0 |        NULL
> |        0 |           |    1 |
> | 333 |        30 | mig19.de | SOA  |
> ns1.ku-gbr.de.                     |        |       |            
> |          |           |      |
> |     |           |          |      |
> hostmaster.mig19.de.               |        |       |            
> |          |           |      |
> |     |           |          |      | 1449513605 16384 2048 1048576
> 2560 | 259200 |     0 |        NULL |        0 |           |    1 |
> +-----+-----------+----------+------+------------------------------------+--------+-------+-------------+----------+-----------+------+
>
> 5 rows in set (0.00 sec)
>
> mysql> select * from domains where name='mig19.de';
> +----+----------+--------+------------+--------+-----------------+---------+
>
> | id | name     | master | last_check | type   | notified_serial |
> account |
> +----+----------+--------+------------+--------+-----------------+---------+
>
> | 30 | mig19.de | NULL   |       NULL | SUPERM |            NULL |
> NULL    |
> +----+----------+--------+------------+--------+-----------------+---------+
>
> 1 row in set (0.00 sec)
>
> mysql> select * from supermasters;
> +------------+---------------+---------+
> | ip         | nameserver    | account |
> +------------+---------------+---------+
> | 81.3.11.19 | ns1.ku-gbr.de | admin   |
> +------------+---------------+---------+
> 1 row in set (0.00 sec)
>
> When I enter command on the master:
>
> "pdns_control notify mig19.de"
>
> In the master's syslog this - still - appears:
>
> Dec 11 07:24:50 kermit pdns[24806]: Received NOTIFY for mig19.de from
> 81.3.11.19 but slave support is disabled in the configuration
>
> which is okay, since master gets notified also and does refuse to
> handle as a slave. In the slave's syslog I see this:
>
> Dec 11 07:25:00 v22015082965927173 pdns[6829]: Received NOTIFY for
> mig19.de from 81.3.11.18 which is not a master
> Dec 11 07:25:00 v22015082965927173 pdns_server[6810]: Dec 11 07:25:00
> Received NOTIFY for mig19.de from 81.3.11.18 which is not a master
>
> Note the difference on master and slave: "NOTIFY [...] from
> 81.3.11.19" and "NOTIFY [...] from 81.3.11.18"
>
> When I enter command to retrieve on the slave I get:
>
> root@v22015082965927173:~# pdns_control retrieve mig19.de
> Domain 'mig19.de' is not a slave domain (or has no master defined)
>
> This may be related to the wrong entry "SUPERM" for type in domains
> table on slave I actually see. Might happened while trying NULL,
> NATIVE, SLAVE and SUPERSLAVE but ended putting SUPERM(ASTER) into by
> accident. I tried many permutations already and messed up.
>
> Kind Regards
> Konstantin Kletschke
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> Pdns-users mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/pdns-users


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Am 2015-12-11 10:49, schrieb Kees Monshouwer:
> query-local-address is your friend.

Thank you Kees, the description of this config option looks extremly
like it will solve my problem.

I will tell here about the results trying it out as soon as I get my
hand on this construction place again!

Kind Regards,
Konstantin

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: pdns_control appears with wrong IP on slave - supermaster setup

Konstantin Kletschke
Hello,

knowing and using this option on the master solved all my problems, thak
you. Everything is up and working now!

Kind Regards
Konstantin Kletschke

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users