PowerDNS and CNAME to an external domain
I'm using PowerDNS (2.9.22) for my clients, because it can store all data in a MySQL database and it's easy for clients to edit their zones as they like.
Now I have a problem with CNAMEs:
Here are the records in the MySQL database:
+-----------------------+-------+-----------------------+
| localhost.example.com | A     | 127.0.0.1             |
+-----------------------+-------+-----------------------+
| a.example.com         | CNAME | localhost.example.com |
+-----------------------+-------+-----------------------+
| www.example.com       | CNAME | andreyzentavr.com     |
+-----------------------+-------+-----------------------+
PowerDNS config is here:
allow-recursion=127.0.0.1, 173.193.**.162, 173.193.**.163
allow-recursion-override=on
cache-ttl=20
config-dir=/etc/powerdns
daemon=yes
default-soa-name=ns3.bserver.com
disable-axfr=yes
guardian=no
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-user=powerdns
gmysql-dbname=powerdns
gmysql-password=123123
lazy-recursion=yes
local-address=173.193.**.162, 173.193.**.163
local-port=53
log-dns-details=yes
log-failed-updates=yes
logfile=/var/log/pdns.log
loglevel=6
master=yes
max-queue-length=5000
max-tcp-connections=10
module-dir=/usr/lib/powerdns
query-logging=yes
recursor=127.0.0.1:53
setgid=pdns
setuid=pdns
skip-cname=no
slave=yes
slave-cycle-interval=600
soa-minimum-ttl=3600
soa-refresh-default=10800
soa-retry-default=3600
soa-serial-offset=0
socket-dir=/var/run
use-logfile=yes
wildcards=yes
version-string=powerdns
When I do an nslookup query, I get this:
server:~# nslookup
> set q=any
> server ns3.***.com
Default server: ns3.***.com
Address: 173.193.**.163#53
> a.example.com
Server: ns3.***.com
Address: 173.193.***.163#53
a.example.com canonical name = localhost.example.com.
Name: localhost.example.com
Address: 127.0.0.1
>
>
> www.example.com
Server: ns3.***.com
Address: 173.193.***.163#53
** server can't find www.example.com: NXDOMAIN
As you can see, if a CNAME points to an INTERNAL record, everything resolves fine. But if it points to an external domain, I get an error.
andreyzentavr.com is an existing domain and points to 194.126.204.41
Is it a bug in PowerDNS? Or did I configure it wrongly?
Comments (2)
The solution is to put the recursor in front of the authoritative server and configure the recursor to forward specific domains to the authoritative server using the forward-zones-recurse directive. This requires version 3.2 of the recursor.
Usually, with DNS, if you want to point a CNAME to an external record, you have to add a period to the end of the record (sub.domain.com.). When you leave off the final dot, DNS interprets it as a relative record (so sub.domain.com would be interpreted as sub.domain.com.domain.com, for example).
I would assume since you have an 'A' record for localhost.example.com set up in your database, PowerDNS sees that and knows that's the domain you mean to point to, even though you didn't make the other CNAME absolute (localhost.example.com.) or relative (just localhost in the hostname).
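Added example, not part of either answer and not PowerDNS code: it applies the zone-file trailing-dot rule described in the second answer to the three rows from the question, and also reports whether each CNAME target lies inside the example.com zone, which is the case where an authoritative-only server has data and no recursion (the subject of the first answer) is involved. The origin `example.com.` and all function names are assumptions made for illustration.

```python
# Added example: zone-file (RFC 1035 master-file) name qualification applied
# to the question's records. ORIGIN and the helper names are assumptions.
ORIGIN = "example.com."

# (owner, type, content) rows copied from the question's table
RECORDS = [
    ("localhost.example.com", "A", "127.0.0.1"),
    ("a.example.com", "CNAME", "localhost.example.com"),
    ("www.example.com", "CNAME", "andreyzentavr.com"),
]

def qualify(name, origin=ORIGIN):
    """Trailing dot = absolute, '@' = origin, otherwise relative to origin."""
    name = name.strip().lower()
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"

def in_zone(fqdn, origin=ORIGIN):
    """True if fqdn is the origin or below it; compared label by label."""
    labels = fqdn.rstrip(".").split(".")
    zone = origin.rstrip(".").split(".")
    return labels[-len(zone):] == zone

def audit_cnames(records, origin=ORIGIN):
    """Show both readings of every CNAME target and which one has a record."""
    # Owner names in the table are treated as fully qualified.
    owners = {(owner.rstrip(".") + ".").lower() for owner, _, _ in records}
    report = []
    for owner, rtype, content in records:
        if rtype != "CNAME":
            continue
        absolute = qualify(content.rstrip(".") + ".", origin)
        relative = qualify(content.rstrip("."), origin)
        report.append({
            "owner": owner,
            "as_absolute": absolute,
            "as_relative": relative,
            "absolute_in_zone": in_zone(absolute, origin),
            "absolute_has_record": absolute in owners,
            "relative_has_record": relative in owners,
        })
    return report

if __name__ == "__main__":
    for row in audit_cnames(RECORDS):
        print(row)
```
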