Before a supermaster notification succeeds, the following conditions
must be met:
+ - :ref:`setting-superslave` support must be enabled
- The supermaster must carry a SOA record for the notified domain
- The supermaster IP must be present in the 'supermaster' table
- The set of NS records for the domain, as retrieved by the slave from the supermaster, must include the name that goes with the IP address in the supermaster table
.. _setting-tcp-control-address:
+.. _setting-superslave:
+
+``superslave``
+---------------
+
+- Boolean
+- Default: yes
+
+.. versionadded:: 4.1.9
+ In versions before 4.1.9, this setting did not exist, it was not possible to disable
+ supermaster support.
+
+Turn on supermaster support. See :ref:`supermaster-operation`.
+
``tcp-control-address``
-----------------------
::arg().setSwitch("slave","Act as a slave")="no";
::arg().setSwitch("master","Act as a master")="no";
+ ::arg().setSwitch("superslave", "Act as a superslave")="yes";
::arg().setSwitch("disable-axfr-rectify","Disable the rectify step during an outgoing AXFR. Only required for regression testing.")="no";
::arg().setSwitch("guardian","Run within a guardian process")="no";
::arg().setSwitch("prevent-self-notification","Don't send notifications to what we think is ourself")="yes";
DomainInfo di;
di.serial = 0;
if(!B.getDomainInfo(p->qdomain, di) || !(db=di.backend)) {
- L<<Logger::Error<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative"<<endl;
- return trySuperMaster(p, p->getTSIGKeyname());
+ if(::arg().mustDo("superslave")) {
+ L<<Logger::Warning<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative"<<endl;
+ return trySuperMaster(p, p->getTSIGKeyname());
+ }
+ L<<Logger::Notice<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" for which we are not authoritative (Refused)"<<endl;
+ return RCode::Refused;
}
meta.clear();
$RUNWRAPPER $PDNS2 --daemon=no --local-port=$slaveport --config-dir=. --module-dir=../regression-tests/modules \
--config-name=gsqlite3-slave --socket-dir=./ --no-shuffle --local-address=127.0.0.2 --local-ipv6='' \
- --slave --retrieval-threads=4 --slave=yes --query-local-address=127.0.0.2 \
+ --slave --retrieval-threads=4 --slave=yes --superslave=yes --query-local-address=127.0.0.2 \
--slave-cycle-interval=300 --allow-unsigned-notify=no --allow-unsigned-supermaster=no &
}
$RUNWRAPPER $PDNS2 --daemon=no --local-port=$slaveport --config-dir=. --module-dir=../regression-tests/modules \
--config-name=gsqlite3-slave --socket-dir=./ --no-shuffle --local-address=127.0.0.2 --local-ipv6= \
- --slave --retrieval-threads=4 --slave=yes --query-local-address=127.0.0.2 \
+ --slave --retrieval-threads=4 --slave=yes --superslave=yes --query-local-address=127.0.0.2 \
--slave-cycle-interval=300 --dname-processing &
}
projects / thirdparty / pdns.git / commitdiff
