Revision as of 00:17, 24 March 2018 by imported>Krinkle

PowerDNS [1] is the DNS server we use for geographic DNS balancing, and possibly "normal" authoritative DNS in future as well. This page explains configuration. More can be found on DNS.


It's best to bind PowerDNS to a specific IP, instead of INADDR_ANY. To do that, put:


A backend like geobackend can't make use of caching, since returned results will be different depending on "who's asking". Therefore, disable caching:


If just geobackend is used, multithreading is unnecessary, and may even impact performance. Make pdns single-threaded with:


In geobackend itself, there are no wildcard records, so pdns shouldn't have to check for them:


Running privileged is unnecessary (of course, make sure this user and group exist):


Launch the backends that will be used, in the specified order, separated by commas:


Geobackend configuration

Specify the zone that will contain the "georecords":

Every zone needs a SOA record, and so does a geo-zone. Only the SOA name and hostmaster fields are important. Specify them comma-separated:

Every zone needs to have NS records as well, to specify the authoritative servers:

Geobackend reads in an rbldnsd-style zonefile, to map specific IPs to countries. Specify the path to this file:


Every record in the "geo zone" has its own "map file", mapping every country to some CNAME. Geobackend will read all files in the directory specified here, and use the filename as the recordname:


Every DNS record has a TTL, and geobackend currently only allows these to be specified globally. The default is 1 hour for normal (CNAME) records and 1 day for NS records:



This is not the way Wikimedia's setup works. For that, see DNS.

To maintain an identical configuration of geomaps, the following rsync cronjob can be used:

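# rsync prints the "files transferred" statistic only with --stats; rsync 3.1+ words it "regular files".
# An empty NR (rsync failed) is treated as 0, so a failed sync never triggers a rediscover.
# Shown wrapped for readability; cron needs the whole entry on one line.
*/15 * * * *    pdns    NR=$(rsync -rt --delete --stats \
                        rsync://rsync-path /etc/powerdns/directormaps | \
                        awk -F': *' '/Number of (regular )?files transferred/ { print $2 }'); \
                        [ "${NR:-0}" != "0" ] && /usr/local/bin/pdns_control rediscover > /dev/null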

This rsyncs the geo map files from a central repository, and sends PowerDNS a signal to reread them if they've actually been changed.
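
A more defensive form of the map-sync job above, as an added example that is not from the original page: it keys the reload on rsync's exit status and its `--itemize-changes` output rather than on the wording of the statistics line. The variable names `RSYNC`, `PDNS_CONTROL`, `MAP_SRC`, `MAP_DIR` and the function names are assumptions; `rsync://rsync-path` is the page's own placeholder.

```shell
#!/bin/sh
# Added example, not from the original page. Syncs the geo maps and reloads
# PowerDNS only when rsync exited cleanly and reported real changes.
# Assumed names: RSYNC, PDNS_CONTROL, MAP_SRC, MAP_DIR are illustrative.
RSYNC=${RSYNC:-rsync}
PDNS_CONTROL=${PDNS_CONTROL:-/usr/local/bin/pdns_control}
MAP_SRC=${MAP_SRC:-rsync://rsync-path}          # placeholder, as on the page
MAP_DIR=${MAP_DIR:-/etc/powerdns/directormaps}

# Read `rsync --itemize-changes` output on stdin and print how many items
# were transferred, created or deleted. Lines starting with "." are
# attribute-only updates (e.g. a directory mtime) and are not counted.
# Requiring a type letter after the update code skips unrelated text
# such as a daemon banner.
count_changes() {
    awk '/^[<>ch][fdLDS]/ || /^\*deleting/ { n++ } END { print n + 0 }'
}

# Sync src into dest. Prints "reloaded", "unchanged" or "failed".
sync_maps() {
    src=$1
    dest=$2
    # A failed or partial transfer must not make pdns reread half-copied maps.
    if ! out=$($RSYNC -rt --delete --itemize-changes "$src" "$dest"); then
        echo "failed"
        return 1
    fi
    if [ "$(printf '%s\n' "$out" | count_changes)" -eq 0 ]; then
        echo "unchanged"
        return 0
    fi
    if ! $PDNS_CONTROL rediscover >/dev/null; then
        echo "failed"
        return 1
    fi
    echo "reloaded"
}

# Cron entry point: run the sync only when called with --run.
if [ "${1:-}" = "--run" ]; then
    sync_maps "$MAP_SRC" "$MAP_DIR"
fi
```

Installed as a script, this keeps the crontab entry to a single short line, and the non-zero exit status on failure gives cron or monitoring something to alert on.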

The DNSBL should be regularly updated as well, for example daily:

07 04 * * *     pdns    rsync -qt rsync:// \
                        /usr/local/etc/powerdns/ && \
                        /usr/local/bin/pdns_control rediscover > /dev/null

External links