Hello, I got the error "notify Refused-" on the Slave server that is waiting for record updates from the Master.
I have installed PowerDNS on a fresh server, both using the official PowerDNS Ansible role and by hand (I really tested both methods! :D)
Here is the configuration and detailed info.
Specification
PowerDNS version : 4.5.2
Ubuntu 20.04
Backend : mysql
Master Configuration
pdns.conf
launch=
allow-axfr-ips=159.223.76.221/32
config-dir=/etc/powerdns
daemon=yes
disable-axfr=no
guardian=yes
local-address=0.0.0.0
local-port=53
log-dns-details=on
loglevel=3
master=yes
slave=no
setgid=pdns
setuid=pdns
socket-dir=/var/pdns
version-string=powerdns
include-dir=/etc/powerdns/pdns.d
api=yes
api-key=24xd
I can add any records on the Master server without any problem.
Slave Configuration
pdns.conf
launch=
#guardian=yes
daemon=on
log-dns-details=on
slave=yes
slave-cycle-interval=60
logging-facility=0
log-dns-queries=yes
loglevel=5
include-dir=/etc/powerdns/pdns.d
Running the notify command on the Master server:
pdns_control notify gogon.xyz
Running this command on the Slave DNS:
tcpdump -n 'host 128.199.220.234 and port 53' -v
Here is what I got:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
08:06:08.926420 IP (tos 0x0, ttl 60, id 24776, offset 0, flags [DF], proto UDP (17), length 55)
128.199.220.234.11643 > 159.223.76.221.53: 10150 notify [b2&3=0x2400] SOA? gogon.xyz. (27)
08:06:08.928383 IP (tos 0x0, ttl 64, id 20439, offset 0, flags [none], proto UDP (17), length 55)
159.223.76.221.53 > 128.199.220.234.11643: 10150 notify Refused*- 0/0/0 (27)
Some online resources suggested that I allow port 53/UDP to be opened.
Here is my UFW status:
To                         Action      From
--                         ------      ----
53/tcp                     ALLOW       Anywhere
53/udp                     ALLOW       Anywhere
53/tcp (v6)                ALLOW       Anywhere (v6)
53/udp (v6)                ALLOW       Anywhere (v6)
On the Slave, the record has also been added to the database:
+-----------------+----------------------+---------+
| ip              | nameserver           | account |
+-----------------+----------------------+---------+
| 128.199.220.234 | ns2.share-system.com | admin   |
+-----------------+----------------------+---------+
Records on the Master for the domain:
+----+-----------+-----------+------+-------------------------------------------------------------------------------------+-------+------+----------+-----------+------+
| id | domain_id | name      | type | content                                                                             | ttl   | prio | disabled | ordername | auth |
+----+-----------+-----------+------+-------------------------------------------------------------------------------------+-------+------+----------+-----------+------+
| 1  | 1         | gogon.xyz | SOA  | ns1.share-system.com hostmaster.share-system.com 2022011603 28800 7200 604800 86400 | 86400 | 0    | 0        | NULL      | 1    |
| 2  | 1         | gogon.xyz | NS   | ns1.share-system.com                                                                | 86400 | 0    | 0        | NULL      | 1    |
| 3  | 1         | gogon.xyz | NS   | ns2.share-system.com                                                                | 86400 | 0    | 0        | NULL      | 1    |
| 4  | 1         | gogon.xyz | A    | 128.199.220.234                                                                     | 86400 | 0    | 0        | NULL      | 1    |
+----+-----------+-----------+------+-------------------------------------------------------------------------------------+-------+------+----------+-----------+------+
A records for ns1.share-system.com and ns2.share-system.com have been added in the domain control panel, and the nameserver records are based on the Master and Slave IPs (ns1 -> master, ns2 -> slave).
The test domain gogon.xyz has also been added to the respective ns1 and ns2.
I have already changed slave to secondary and master to primary in pdns.conf, without any success.
Checking the listening ports:
udp UNCONN 0 0 159.223.76.221:53 0.0.0.0:* users:(("pdns_server",pid=9966,fd=5))
tcp LISTEN 0 128 159.223.76.221:53 0.0.0.0:* users:(("pdns_server",pid=9966,fd=6))
Ping between the two servers works without any issue.
Any suggestions for solving this issue are appreciated.
Thank you.
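Added example, not part of the original post and not PowerDNS code: a small Python model of the checks a PowerDNS secondary applies before it accepts a NOTIFY, as described in the PowerDNS authoritative server documentation. In order: secondary (slave) mode must be enabled, the sender must match allow-notify-from (default: everyone), and the zone must either already exist as type SLAVE with the sender listed in domains.master, or, for an unknown zone, a supermasters row must match the sender's IP and name a nameserver that appears in the zone's NS set fetched from the sender. The constructed inputs are the secondary's pdns.conf, the supermasters row and the NS records quoted in the post; the function names, the ZoneRow/AutoPrimaryRow structures and the "refused: ..." strings are this example's own and are not PowerDNS log text.

```python
"""Model of the secondary-side NOTIFY acceptance checks in PowerDNS (added example).

This does not run pdns_server; it replays the documented decision steps on
configuration and table contents so each precondition can be tested on its own.
Reason strings are this script's own wording, not PowerDNS log messages.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed copy of the secondary's pdns.conf from the post.
SLAVE_CONF = """\
launch=
#guardian=yes
daemon=on
log-dns-details=on
slave=yes
slave-cycle-interval=60
logging-facility=0
log-dns-queries=yes
loglevel=5
include-dir=/etc/powerdns/pdns.d
"""

PRIMARY_IP = "128.199.220.234"   # NOTIFY source seen in the tcpdump output
ZONE = "gogon.xyz"
# NS set of the zone as stored on the primary (from the records table in the post).
ZONE_NS = ["ns1.share-system.com", "ns2.share-system.com"]


def parse_pdns_conf(text: str) -> Dict[str, str]:
    """Parse key=value lines; '#' starts a comment, a later key overrides an earlier one."""
    conf: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def is_on(value: str) -> bool:
    return value.strip().lower() in ("yes", "on", "true", "1")


def secondary_enabled(conf: Dict[str, str]) -> bool:
    # PowerDNS 4.5 accepts both the 'secondary' and the older 'slave' spelling.
    return is_on(conf.get("secondary", conf.get("slave", "no")))


def notify_source_allowed(conf: Dict[str, str], src_ip: str) -> bool:
    """allow-notify-from defaults to all addresses; a narrower list refuses other senders."""
    addr = ipaddress.ip_address(src_ip)
    for item in conf.get("allow-notify-from", "0.0.0.0/0,::/0").split(","):
        item = item.strip()
        if item:
            net = ipaddress.ip_network(item, strict=False)
            if addr.version == net.version and addr in net:
                return True
    return False


@dataclass
class ZoneRow:                    # one row of the domains table
    name: str
    kind: str                     # NATIVE / MASTER / SLAVE (domains.type)
    master: Optional[str] = None  # domains.master: IP(s) the secondary transfers from


@dataclass
class AutoPrimaryRow:             # one row of the supermasters table
    ip: str
    nameserver: str


def notify_outcome(conf: Dict[str, str], src_ip: str, zone: str, zones: List[ZoneRow],
                   autoprimaries: List[AutoPrimaryRow], zone_ns: List[str]) -> str:
    """Return 'accept' or 'refused: <reason>' for a NOTIFY for `zone` sent by `src_ip`."""
    if not secondary_enabled(conf):
        return "refused: secondary (slave) support is not enabled"
    if not notify_source_allowed(conf, src_ip):
        return "refused: sender not in allow-notify-from"
    known = next((z for z in zones if z.name.lower() == zone.lower()), None)
    if known is not None:
        if known.kind.upper() != "SLAVE":
            return "refused: zone exists but is not of type SLAVE"
        masters = [m.strip() for m in (known.master or "").split(",")]
        if src_ip not in masters:
            return "refused: sender is not listed in domains.master for this zone"
        return "accept"
    # Unknown zone: only a supermasters row can provision it. The secondary fetches
    # the zone's NS set from the sender and needs one NS name to equal the row's
    # nameserver column; the name comparison is case-insensitive and ignores a trailing dot.
    wanted = {n.lower().rstrip(".") for n in zone_ns}
    for row in autoprimaries:
        if row.ip == src_ip and row.nameserver.lower().rstrip(".") in wanted:
            return "accept"
    return "refused: unknown zone and no matching supermaster row"


if __name__ == "__main__":
    conf = parse_pdns_conf(SLAVE_CONF)
    rows = [AutoPrimaryRow(PRIMARY_IP, "ns2.share-system.com")]
    print(notify_outcome(conf, PRIMARY_IP, ZONE, [], rows, ZONE_NS))
```

For the values quoted in the post every modelled check passes and the script prints accept, which is itself useful: the Refused response then has to come from input that is not visible in the post, such as what the backend configured through include-dir actually returns for the zone and supermasters lookups, or the NS set the secondary obtains from the primary at NOTIFY time. Editing SLAVE_CONF (for example slave=no, or a restrictive allow-notify-from) or the table rows shows which single setting flips the result, which is the same isolation a practitioner would do on the real server one change at a time.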