SANOG 41 DNS workshop
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Overview
  2. /
  3. Labs
  4. /
  5. Day 2
  6. /
  7. Replication Setup

Replication Setup

Goal of this lab is to setup replication between primary (e.g a01) and secondary (e.g b01).

Security note: This lab is based on pre-established wireguard vpn tunnels between primary and secondary. Remember to set these up in the real production environment or else use TSIG for the security.


Step 1: Update /etc/powerdns/pdns.conf to enable primary (e.g on a01)

Add following in /etc/powerdns/pdns.conf

primary=yes
also-notify=192.168.1.2
only-notify=192.168.1.2
allow-axfr-ips=192.168.1.2/32

Step 2: Update /etc/powerdns/pdns.conf to enable secondary (e.g on b01)

Add following in /etc/powerdns/pdns.conf

secondary=yes
autosecondary=yes
allow-notify-from=192.168.1.1
loglevel=5

Step 3: Restart PowerDNS on both primary and secondary 

sudo systemctl restart pdns

At this point we have PowerDNS running on both primary and secondary with notfications and zone transfers enabled from primary to secondary.


Step 4: Update autoprimary on secondary

Setup secondary to use primary as “autoprimary” for automatic domain provisioning.

On your secondary (b01), use following command

anurag@b01:~$ sudo pdnsutil add-autoprimary 192.168.1.1 a01.learndns.info
anurag@b01:~$

You can list and verify this change:

anurag@b01:~$ sudo pdnsutil list-autoprimaries 
IP=192.168.1.1, NS=a01.learndns.info, account=
anurag@b01:~$

Next, proceed to PowerDNS Admin setup.