DirectSlave - solution to add and remove zones on slave without DirectAdmin

OK, now I have reinstalled Net::Server with cpan and am getting this error.

/usr/local/directslave/bin/directslave --debug
Config: $VAR1 = {
'rndc_path' => '/usr/sbin/rndc',
'retry_time' => '1200',
'ssl_cert' => '/usr/local/directslave/ssl/server.crt',
'named_conf' => '/etc/namedb/directslave.conf',
'pid' => '/usr/local/directslave/run/directslave.pid',
'ssl_key' => '/usr/local/directslave/ssl/server.key',
'debug' => 1,
'authfile' => '/usr/local/directslave/etc/passwd',
'action_log' => '/usr/local/directslave/log/action.log',
'server_type' => 'HTTP',
'error_log' => '/usr/local/directslave/log/error.log',
'uid' => 'named',
'ssl' => 'on',
'access_log' => '/usr/local/directslave/log/access.log',
'background' => 0,
'port' => '2222',
'host' => '0.0.1.144',
'sslport' => '2224',
'named_workdir' => '/etc/namedb/secondary',
'allow' => '0.0.0.0/0',
'gid' => 'named'
};
Listen ports: $VAR1 = [
'2222',
'2224/ssl'
];
Couldn't find pid in existing pid_file at /usr/local/share/perl5/Net/Server/Daemonize.pm line 48.
2013/12/04-22:57:47 Couldn't find pid in existing pid_file at /usr/local/share/perl5/Net/Server/Daemonize.pm line 48.

at line 145 in file /usr/local/share/perl5/Net/Server.pm
2013/12/04-22:57:47 Server closing!
 
OK, got it working. Looked up at John's posts above.

I had an empty pid file at /usr/local/directslave/run/

I am having an SSL error and have disabled that for now.
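Added example (not part of the original posts and not DirectSlave's own code): a pre-start check for the failure resolved above, where an empty pid file produced "Couldn't find pid in existing pid_file". The function names are hypothetical; the pid file path in the comment is the one from the posted config.

```shell
#!/bin/sh
# Pre-start pid file check for a daemon such as DirectSlave, whose posted
# config uses /usr/local/directslave/run/directslave.pid.

# Print the state of a pid file: missing | empty | invalid | stale | running
pidfile_state() {
    pf=$1
    [ -e "$pf" ] || { echo missing; return 0; }
    [ -s "$pf" ] || { echo empty; return 0; }
    # Only the first line is considered; tolerate a missing trailing newline.
    IFS= read -r pid < "$pf" || true
    case $pid in
        ''|*[!0-9]*|0*) echo invalid; return 0 ;;
    esac
    # kill -0 fails with EPERM for another user's process, so also consult
    # /proc (Linux) before declaring the pid stale.
    if kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ]; then
        echo running
    else
        echo stale
    fi
}

# Remove a pid file that cannot belong to a live daemon.
# Returns 0 when it is safe to start, 1 when a process with that pid exists.
prepare_pidfile() {
    state=$(pidfile_state "$1")
    case $state in
        missing) return 0 ;;
        running)
            echo "refusing to start: $1 points at a live process" >&2
            return 1 ;;
        *)  # empty, invalid or stale: safe to clear
            echo "removing $state pid file $1" >&2
            rm -f -- "$1"
            return 0 ;;
    esac
}
```

Call `prepare_pidfile` from the init script before launching the daemon, and start only when it returns 0.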
 
Hi again,

OK, it seems to be working but not entirely: the access log shows the login and the action log shows the zone being received from the DA server, but nothing is being updated in /etc/namedb/secondary/named.conf.

There are no errors in the error log and running --check confirms all is ok.

By the way, this is on CentOS 6.4.

Does anyone have any suggestions?
 
Does the slave file exist? Does it just not get written, or does it get written but the zones are not created?

Regards

Ciao Andrea!

Ok it is all working correctly now, tutti bene!

I deleted all the files in /etc/namedb and stopped bind and directslave, touched /etc/namedb/secondary/named.conf with named as owner, then restarted directslave and bind. I'm not sure what happened, but now all my zones came in from DirectAdmin.

By the way, I used your CentOS startup script, works well, thanks!

Thanks again to Roman, Directslave is great!
 
I'm running 1.3 on CentOS 4.9 and it does not create a .db file in slave mode, but it does write in the named.conf file. However, in master mode it does create a .db file.


What am I doing wrong?
 
You are doing everything correctly. `slave` mode is designed for primary<->secondary mechanism integration (your DirectAdmin is the primary DNS and DirectSlave is the secondary), while in `master` mode your DS server works as a primary DNS too. Master mode is not recommended if you have a slow and unstable connection between the DA and DS servers. Slave mode is recommended anytime, but you should set up AXFR on your primary DNS.
 
Ciao Andrea!

Ok it is all working correctly now, tutti bene!

I deleted all the files in /etc/namedb and stopped bind and directslave, touched /etc/namedb/secondary/named.conf with named as owner, then restarted directslave and bind. I'm not sure what happened, but now all my zones came in from DirectAdmin.

By the way, I used your CentOS startup script, works well, thanks!

Thanks again to Roman, Directslave is great!

Thank you for using it :)

Andrea, thank you very much for the excellent support! :)
 
You are doing everything correctly. `slave` mode is designed for primary<->secondary mechanism integration (your DirectAdmin is the primary DNS and DirectSlave is the secondary), while in `master` mode your DS server works as a primary DNS too. Master mode is not recommended if you have a slow and unstable connection between the DA and DS servers. Slave mode is recommended anytime, but you should set up AXFR on your primary DNS.

So no .db will be created in slave mode, correct?
 
So no .db will be created in slave mode, correct?

In `slave` mode, .db files should be created by `named` itself, not by DirectSlave. In `slave` mode, DS just receives the domain name and the IP of the `master` server to populate the named.conf entry, while in `master` mode DS gets all of the zone records from the `master` server via an HTTP API request, then writes them to the .db file plus the named.conf entry.
 
In case anyone is interested. My company contacted Roman a while back to ask if we could work together to implement some features to allow DirectSlave to work with PowerDNS.
However, he didn't reply to my mail.

Due to the fact we are going live with this soon, I completed a merge (still untested) and have opensourced it.
If you're interested, it's freely available on Bitbucket: https://bitbucket.org/sebastianberm/directslave-pdns

We will probably expand this to also support DNSSEC keysigning and go live with it before the end of the year.
Is there anyone interested in such a fork?

Hi Icheb,

I'm interested. Have you managed to test it?
 
Hi Icheb,
I'm interested. Have you managed to test it?
There are still a couple of issues with this system, but last weekend, I managed to sign the first zone (still manually).
Next up is automatic keysigning and a guide on how to distribute everything. The actual uploading the zone to the registrar is out of scope for this at the moment.
But I have been able to:
  • Let the modified daemon listen
  • Receive and remove domains coming from a DA server
  • Let all the AXFR's happen from the DA server to PowerDNS
I do however have an issue with the MySQL connection causing it to lose the connection after each 'command', but have a workaround in place.
When I've got the code cleaned up, I'll do a commit :).
 
Icheb: If I can help in testing or something else, let me know... I will set up a test environment and will do my best to help.
 
Hi Again,

Roman..

OK, in the past I got this working well on a CentOS box.

Now I am trying to configure this on Debian 7.3.

I am getting the errors below when running in debug mode (disregard the IP, I modified it and changed it for this post).

What does the "Duplicate configuration (TCP) on" mean?

And when testing the connection from the DA server I get "This doesn't look like start-end
at /usr/local/share/perl/5.14.2/Net/Server.pm line 602"




2014/02/02-20:31:17 main (type Net::Server::HTTP) starting! pid(11178)
Duplicate configuration (TCP) on [0.0.177.43]:2222 with IPv4) - skipping
Binding to TCP port 2222 on host 0.0.177.43 with IPv4
Setting gid to "116 116"
Setting uid to "113"
This doesn't look like start-end
at /usr/local/share/perl/5.14.2/Net/Server.pm line 602


Thanks for any help.
 
There are still a couple of issues with this system, but last weekend, I managed to sign the first zone (still manually).
Next up is automatic keysigning and a guide on how to distribute everything. The actual uploading the zone to the registrar is out of scope for this at the moment.
But I have been able to:
  • Let the modified daemon listen
  • Receive and remove domains coming from a DA server
  • Let all the AXFR's happen from the DA server to PowerDNS
I do however have an issue with the MySQL connection causing it to lose the connection after each 'command', but have a workaround in place.
When I've got the code cleaned up, I'll do a commit :).

Great work! Really! (handshake)
 
Forgot to install the Net::CIDR module?

Hi Roman,

Yes, it's there.

cpan install Net::CIDR
Reading '/root/.cpan/Metadata'
Database was generated on Mon, 03 Feb 2014 02:29:02 GMT
Net::CIDR is up to date (0.17).

The reference to line 602 in

"This doesn't look like start-end
at /usr/local/share/perl/5.14.2/Net/Server.pm line 602"

is this:

return 1 if Net::CIDR::cidrlookup($peeraddr, @{ $prop->{'cidr_allow'} });
 