Am not sure this is a WHM issue or a PDNS issue. PDNS will not start if there is an also-notify section in named.conf
Have been running BIND for quite a while, with hostname A records in my zone pointing to the main IP and my registrar pointing to those hostnames. Everything working OK.
Decided to enable DNSSEC, which also went OK, except that I could no longer ping certain hostnames (such as my nameservers).
We do not like seeing "Unknown host" when pinging nameservers!
Turns out it was because I was also using my host (linode) for reverse DNS, and they were the master. They also at this time do not support DNSSEC, and suggested I instead use their dns as a slave so I could be the authoritative server.
In setting that up, per their own documentation, I edited named.conf, updating the allow-transfer section to point to their nameservers, and adding a also-notify section pointing to certain IP's of theirs which handle AXFR requests.
Since running
named-checkconf /etc/named.conf
produced no output, I assumed the edited named.conf was OK, and restarted DNS via WHM.
This failed. Shelling into look at the logs, I seemed to have a syntax error in named.conf. The line number for the syntax error was where also-notify begins.
PowerDNS docs themselves say they use a comma-seperated format (as opposed to Bind's method of one-line-per entry with a semi-colon), so commented that section out from named.conf, then uncommented the also-notify section of /etc/pdns/pdns.conf, adding the comma-seperated list of IP's.
PowerDNS now starts as expected.
So, is this a bug in how PowerDNS is interpreting the settings in named.conf (PDNS docs say they don't support everything from Bind, but do support also-notify), or something going on with WHM? Just curious.
Have been running BIND for quite a while, with hostname A records in my zone pointing to the main IP and my registrar pointing to those hostnames. Everything working OK.
Decided to enable DNSSEC, which also went OK, except that I could no longer ping certain hostnames (such as my nameservers).
We do not like seeing "Unknown host" when pinging nameservers!
Turns out it was because I was also using my host (linode) for reverse DNS, and they were the master. They also at this time do not support DNSSEC, and suggested I instead use their dns as a slave so I could be the authoritative server.
In setting that up, per their own documentation, I edited named.conf, updating the allow-transfer section to point to their nameservers, and adding a also-notify section pointing to certain IP's of theirs which handle AXFR requests.
Since running
named-checkconf /etc/named.conf
produced no output, I assumed the edited named.conf was OK, and restarted DNS via WHM.
This failed. Shelling into look at the logs, I seemed to have a syntax error in named.conf. The line number for the syntax error was where also-notify begins.
PowerDNS docs themselves say they use a comma-seperated format (as opposed to Bind's method of one-line-per entry with a semi-colon), so commented that section out from named.conf, then uncommented the also-notify section of /etc/pdns/pdns.conf, adding the comma-seperated list of IP's.
PowerDNS now starts as expected.
So, is this a bug in how PowerDNS is interpreting the settings in named.conf (PDNS docs say they don't support everything from Bind, but do support also-notify), or something going on with WHM? Just curious.
