auth: add 'supermaster' option to enable/disable supermaster support
authorKees Monshouwer <mind04@monshouwer.org>
Tue, 27 Feb 2018 21:58:34 +0000 (22:58 +0100)
committermind04 <mind04@monshouwer.org>
Sat, 31 Mar 2018 21:42:00 +0000 (23:42 +0200)
docs/modes-of-operation.rst
docs/settings.rst
pdns/common_startup.cc
pdns/packethandler.cc
regression-tests.nobackend/supermaster-signed/command
regression-tests.nobackend/supermaster-unsigned/command

index 365eab4b66a26be3640d60266216fdabd7e13f0e..658b2bfd6563684fb23104ab10059b55e3adb918 100644 (file)
@@ -196,6 +196,7 @@ itself as a slave for that zone.
 Before a supermaster notification succeeds, the following conditions
 must be met:
 
+ - :ref:`setting-supermaster` support must be enabled
  - The supermaster must carry a SOA record for the notified domain
  - The supermaster IP must be present in the 'supermaster' table
  - The set of NS records for the domain, as retrieved by the slave from the supermaster, must include the name that goes with the IP address in the supermaster table
index 11ddba12f55e9b542c40010e46df2b7e276420d3..6b26758d366a5d441cf4e377ca8e7b2764815ddb 100644 (file)
@@ -1325,6 +1325,18 @@ This path will also contain the pidfile for this instance of PowerDNS
 called ``pdns.pid`` by default. See :ref:`setting-config-name`
 and :doc:`Virtual Hosting <guides/virtual-instances>` how this can differ.
 
+.. _setting-supermaster:
+
+``supermaster``
+------------
+
+-  Boolean
+-  Default: no
+
+.. versionadded:: 4.2.0
+
+Turn on supermaster support. See :ref:`supemaster-operation`.
+
 .. _setting-tcp-control-address:
 
 ``tcp-control-address``
index f7a902ad4ef75d58edea5be1ef281748a8883383..63309857ced31d4d43e589414e505411f2cf6321 100644 (file)
@@ -124,6 +124,7 @@ void declareArguments()
   
   ::arg().setSwitch("slave","Act as a slave")="no";
   ::arg().setSwitch("master","Act as a master")="no";
+  ::arg().setSwitch("supermaster", "Act as a supermaster")="no";
   ::arg().setSwitch("disable-axfr-rectify","Disable the rectify step during an outgoing AXFR. Only required for regression testing.")="no";
   ::arg().setSwitch("guardian","Run within a guardian process")="no";
   ::arg().setSwitch("prevent-self-notification","Don't send notifications to what we think is ourself")="yes";
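Review bot: The help text on the added `supermaster` switch, "Act as a supermaster", names the opposite role from the one the flag gates. Per the documentation hunks and the processNotify change in this commit, the option decides whether this server accepts a supermaster NOTIFY for an unknown zone and provisions itself as a slave for it. Operators make that trust decision from the `--help` output, so the string should say so, e.g. `::arg().setSwitch("supermaster", "Enable supermaster support (autoprovision slave zones on NOTIFY from a configured supermaster)")="no";`. The enclosing declareArguments() starts and ends outside the hunk.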
index b63f32c77db6d0ac10ef472453ca007054bffa27..3f7acd272615cb02f5006a526b962f60c5142e4c 100644 (file)
@@ -836,8 +836,12 @@ int PacketHandler::processNotify(DNSPacket *p)
   //
   DomainInfo di;
   if(!B.getDomainInfo(p->qdomain, di, false) || !di.backend) {
-    g_log<<Logger::Warning<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative, trying supermaster"<<endl;
-    return trySuperMaster(p, p->getTSIGKeyname()); // FIXME a global 'off' switch for supermaster support will save some resources in setups without supermasters
+    if(::arg().mustDo("supermaster")) {
+      g_log<<Logger::Warning<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative, trying supermaster"<<endl;
+      return trySuperMaster(p, p->getTSIGKeyname());
+    }
+    g_log<<Logger::Notice<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative (Refused)"<<endl;
+    return RCode::Refused;
   }
 
   if(::arg().contains("trusted-notification-proxy", p->getRemote().toString())) {
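Review bot: The new refusal branch logs "not authoritative (Refused)" without saying that supermaster support is switched off. Because the option defaults to `no`, an upgraded slave that relied on supermaster provisioning will start refusing these NOTIFYs with nothing in the log pointing at the new setting. Consider naming the cause in the message, e.g. `<<" for which we are not authoritative and supermaster support is disabled (Refused)"<<endl;`. The line is also written once per NOTIFY for any unknown zone from any sender, so it is worth confirming that Notice-level logging here cannot be used to flood the log. processNotify() starts and ends outside the hunk.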
@@ -855,7 +859,7 @@ int PacketHandler::processNotify(DNSPacket *p)
     g_log<<Logger::Warning<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" which is not a master (Refused)"<<endl;
     return RCode::Refused;
   }
-    
+
   if(!s_forwardNotify.empty()) {
     set<string> forwardNotify(s_forwardNotify);
     for(set<string>::const_iterator j=forwardNotify.begin();j!=forwardNotify.end();++j) {
index 5c88e5a2df54f773384a8a2200fafe5ed7c93fc3..6eb46127f0852d39414a3db71afaba7fd024f570 100755 (executable)
@@ -94,7 +94,7 @@ start_slave()
 
         $RUNWRAPPER $PDNS2 --daemon=no --local-port=$slaveport --config-dir=. --module-dir=../regression-tests/modules \
                 --config-name=gsqlite3-slave --socket-dir=./ --no-shuffle --local-address=127.0.0.2 --local-ipv6='' \
-                --slave --retrieval-threads=4 --slave=yes --query-local-address=127.0.0.2 \
+                --slave --retrieval-threads=4 --slave=yes --supermaster=yes --query-local-address=127.0.0.2 \
                 --slave-cycle-interval=300 --allow-unsigned-notify=no --allow-unsigned-supermaster=no &
 }
 
index 1e9f0c7faa87a44b27734a5911d1e0a7e8d3ef9e..86dde039276fabc4de0d2a65cef9e922ee7c79d0 100755 (executable)
@@ -85,7 +85,7 @@ start_slave()
 
         $RUNWRAPPER $PDNS2 --daemon=no --local-port=$slaveport --config-dir=. --module-dir=../regression-tests/modules \
                 --config-name=gsqlite3-slave --socket-dir=./ --no-shuffle --local-address=127.0.0.2 --local-ipv6= \
-                --slave --retrieval-threads=4 --slave=yes --query-local-address=127.0.0.2 \
+                --slave --retrieval-threads=4 --slave=yes --supermaster=yes --query-local-address=127.0.0.2 \
                 --slave-cycle-interval=300 --dname-processing &
 }