From: Pieter Lexis Date: Fri, 5 Sep 2014 22:31:32 +0000 (+0200) Subject: Make some of the table and lists prettier X-Git-Tag: rec-3.7.0-rc1~161^2^2~18 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=870ea11f021f3dcee866e8dce40c69afe08da66f;p=thirdparty%2Fpdns.git Make some of the table and lists prettier --- diff --git a/pdns/docs/markdown/authoritative/index.md b/pdns/docs/markdown/authoritative/index.md index aae957c249..3ea5ff38dd 100644 --- a/pdns/docs/markdown/authoritative/index.md +++ b/pdns/docs/markdown/authoritative/index.md @@ -1,7 +1,7 @@ # PowerDNS Authoritative Nameserver The PowerDNS Authoritative Server is a versatile nameserver which supports a large number of backends. These backends can either be plain zone files or be more dynamic in nature. -Prime examples of backends include relational databases, but also (geographical) load balancing and failover algorithms. +Examples of backends include relational databases, other DNS data formats and coprocesses. # Backends PowerDNS has the concepts of 'backends'. A backend is a datastore that the server will consult that contains DNS records (and some meta-data). diff --git a/pdns/docs/markdown/authoritative/installation.md b/pdns/docs/markdown/authoritative/installation.md index 157303d11e..04b0861210 100644 --- a/pdns/docs/markdown/authoritative/installation.md +++ b/pdns/docs/markdown/authoritative/installation.md @@ -9,13 +9,13 @@ Running PowerDNS on Microsoft Windows is unsupported from version 3.0 onward. ## Binary Packages ### Debian-based Systems -PowerDNS Authoritative Server is available through the [apt](https://packages.debian.org/stable/pdns-server) system. +PowerDNS Authoritative Server is available through the [apt](https://packages.debian.org/pdns-server) system. -*Note: In the current 'stable' (codenamed 'wheezy') version 3.1 is included, it is recommended you install version 3.3 from backports.* +**Note**: In the current 'stable' (codenamed 'wheezy') version 3.1 is included, it is recommended you install version 3.3 from backports. `# apt-get install pdns-server` -Debian splits the backends into [several different packages](https://packages.debian.org/stable/pdns-backend), install the required backend as follows: +Debian splits the backends into [several different packages](https://packages.debian.org/pdns-backend), install the required backend as follows: `# apt-get install pdns-backend-$backend` @@ -24,7 +24,14 @@ Alternatively, a statically linked binary package is provided on the [powerdns.c `# dpkg -i pdns-static_$version_$arch.deb` ### Redhat-based Systems -XXX +On RedHat based system there are 2 options to install PowerDNS, from [EPEL](https://fedoraproject.org/wiki/EPEL) or the [repository from Kees Monshouwer](https://www.monshouwer.eu/download/3rd_party/pdns-recursor/). Add either to your list of reposities and install PowerDNS by issueing: + +`# yum install pdns` + +The different backends can be installed using + +`# yum install pdns-backend-$backend` + ### FreeBSD PowerDNS Authoritative Server is available through the [ports](http://www.freshports.org/dns/powerdns/) system: @@ -44,33 +51,42 @@ PowerDNS Authoritative Server is available through Homebrew: ## From source See the [Compiling PowerDNS](../appendix/compiling-powerdns.md) chapter +# Running PowerDNS +PDNS is normally controlled via a SysV-style init.d script, often located in `/etc/init.d` or `/etc/rc.d/init.d`. This script accepts the following commands: + +* `monitor`: Monitor is a special way to view the daemon. It executes PDNS in the foreground with a lot of logging turned on, which helps in determining startup problems. Besides running in the foreground, the raw PDNS control socket is made available. All external communication with the daemon is normally sent over this socket. While useful, the control console is not an officially supported feature. Commands which work are: `QUIT`, [`SHOW *`](internals.md#show-variable), `SHOW varname`, [`RPING`](internals.md#rping). +* `start`: Start PDNS in the background. Launches the daemon but makes no special effort to determine success, as making database connections may take a while. Use `status` to query success. You can safely run `start` many times, it will not start additional PDNS instances. +* `restart`: Restarts PDNS if it was running, starts it otherwise. +* `status`: Query PDNS for status. This can be used to figure out if a launch was successful. The status found is prefixed by the PID of the main PDNS process. +* `stop`: Requests that PDNS stop. Again, does not confirm success. Success can be ascertained with the `status` command. +* `dump`: Dumps a lot of statistics of a running PDNS daemon. It is also possible to single out specific variable by using the `show` command. +* `show variable`: Show a single statistic, as present in the output of the `dump`. +* `mrtg`: Dump statistics in mrtg format. See the performance [monitoring](../common/logging.md#performance-monitoring) documentation. + # Basic setup: configuring database connectivity -This chapter shows you how to configure the Generic MySQL backend, which we like a lot. But feel free to use any of the myriad other backends. This backend is called 'gmysql', and needs to be configured in `pdns.conf`. Add the following lines, adjusted for your local setup: +This shows you how to configure the Generic MySQL backend, which we like a lot. But feel free to use any of the myriad other backends. This backend is called 'gmysql', and needs to be configured in `pdns.conf`. Add the following lines, adjusted for your local setup: ``` - launch=gmysql - gmysql-host=127.0.0.1 - gmysql-user=root - gmysql-dbname=pdns - gmysql-password=mysecretpassword +launch=gmysql +gmysql-host=127.0.0.1 +gmysql-user=root +gmysql-dbname=pdns +gmysql-password=mysecretpassword ``` Remove any earlier [`launch`](settings.md#launch) statements. Also remove the **bind-example-zones** statement as the **bind** module is no longer launched. **Warning**: Make sure that you can actually resolve the hostname of your database without accessing the database! It is advised to supply an IP address here to prevent chicken/egg problems! -**Warning**: Be very very sure that you configure the \*g\*mysql backend and not the mysql backend. See the [Generic MySQL and PostGresql Backends](backend-generic-mypgsql.md). If you use the 'mysql' backend things will only appear to work. (The 'mysql' backend was removed in version 3.1). - Now start PDNS using the monitor command: ``` - # /etc/init.d/pdns monitor - (...) - 15:31:30 About to create 3 backend threads - 15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' - 15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' - 15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' - +# /etc/init.d/pdns monitor +(...) +15:31:30 About to create 3 backend threads +15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' +15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' +15:31:30 [gMySQLbackend] Failed to connect to database: Error: Unknown database 'pdns' ``` This is as to be expected - we did not yet add anything to MySQL for PDNS to read from. At this point you may also see other errors which indicate that PDNS either could not find your MySQL server or was unable to connect to it. Fix these before proceeding. @@ -86,26 +102,28 @@ Connect to MySQL as a user with sufficient privileges and issue the following co Now we have a database and an empty table. PDNS should now be able to launch in monitor mode and display no errors: ``` - # /etc/init.d/pdns monitor - (...) - 15:31:30 PowerDNS 1.99.0 (Mar 12 2002, 15:00:28) starting up - 15:31:30 About to create 3 backend threads - 15:39:55 [gMySQLbackend] MySQL connection succeeded - 15:39:55 [gMySQLbackend] MySQL connection succeeded - 15:39:55 [gMySQLbackend] MySQL connection succeeded +# /etc/init.d/pdns monitor +(...) +15:31:30 PowerDNS 1.99.0 (Mar 12 2002, 15:00:28) starting up +15:31:30 About to create 3 backend threads +15:39:55 [gMySQLbackend] MySQL connection succeeded +15:39:55 [gMySQLbackend] MySQL connection succeeded +15:39:55 [gMySQLbackend] MySQL connection succeeded ``` A sample query sent to the database should now return quickly without data: ``` - $ host www.example.com 127.0.0.1 - www.example.com A record currently not present at localhost +$ host www.example.com 127.0.0.1 +www.example.com A record currently not present at localhost ``` +**Warning**: When debugging DNS problems, don't use `host`. Please use `dig` or `drill`. + And indeed, the control console now shows: ``` - Mar 12 15:41:12 We're not authoritative for 'www.example.com', sending unauth normal response +Mar 12 15:41:12 We're not authoritative for 'www.example.com', sending unauth normal response ``` Now we need to add some records to our database: @@ -113,7 +131,7 @@ Now we need to add some records to our database: ``` # mysql pdnstest mysql> INSERT INTO domains (name, type) values ('example.com', 'NATIVE'); -INSERT INTO records (domain_id, name, content, type,ttl,prio) +INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'example.com','localhost ahu@ds9a.nl 1','SOA',86400,NULL); INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'example.com','dns-us1.powerdns.net','NS',86400,NULL); @@ -129,9 +147,9 @@ INSERT INTO records (domain_id, name, content, type,ttl,prio) VALUES (1,'example.com','mail.example.com','MX',120,25); ``` -**Warning**: Host names and the MNAME of a SOA records are NEVER terminated with a '.' in PowerDNS storage! If a trailing '.' is present it will inevitably cause problems, problems that may be hard to debug. +**Warning**: Host names and the MNAME of a [SOA](../types.md#soa) records are NEVER terminated with a '.' in PowerDNS storage! If a trailing '.' is present it will inevitably cause problems, problems that may be hard to debug. -If we now requery our database, **www.example.com** should be present: +If we now requery our database, `www.example.com` should be present: ``` $ host www.example.com 127.0.0.1 @@ -149,79 +167,53 @@ Additional information: mail.example.com 120 IN A 192.0.2.12 ``` -To confirm what happened, issue the command `SHOW *` to the control console: +To confirm what happened, issue the command [`SHOW *`](internals.md#show-variable) to the control console: ``` - % show * - corrupt-packets=0,latency=0,packetcache-hit=2,packetcache-miss=5,packetcache-size=0, - qsize-a=0,qsize-q=0,servfail-packets=0,tcp-answers=0,tcp-queries=0, - timedout-packets=0,udp-answers=7,udp-queries=7, - % + % show * + corrupt-packets=0,latency=0,packetcache-hit=2,packetcache-miss=5,packetcache-size=0, + qsize-a=0,qsize-q=0,servfail-packets=0,tcp-answers=0,tcp-queries=0, + timedout-packets=0,udp-answers=7,udp-queries=7, + % ``` The actual numbers will vary somewhat. Now enter `QUIT` and start PDNS as a regular daemon, and check launch status: ``` - # /etc/init.d/pdns start - pdns: started - # /etc/init.d/pdns status - pdns: 8239: Child running - # /etc/init.d/pdns dump - pdns: corrupt-packets=0,latency=0,packetcache-hit=0,packetcache-miss=0, - packetcache-size=0,qsize-a=0,qsize-q=0,servfail-packets=0,tcp-answers=0, - tcp-queries=0,timedout-packets=0,udp-answers=0,udp-queries=0, +# /etc/init.d/pdns start +pdns: started +# /etc/init.d/pdns status +pdns: 8239: Child running +# /etc/init.d/pdns dump +pdns: corrupt-packets=0,latency=0,packetcache-hit=0,packetcache-miss=0, +packetcache-size=0,qsize-a=0,qsize-q=0,servfail-packets=0,tcp-answers=0, +tcp-queries=0,timedout-packets=0,udp-answers=0,udp-queries=0, ``` -You now have a working database driven nameserver! To convert other zones already present, use the **zone2sql** described in Appendix A. +You now have a working database driven nameserver! To convert other zones already present, use the [`zone2sql`](migration.md#zone2sql) tool. ## Common problems Most problems involve PDNS not being able to connect to the database. -### Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) +### Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Your MySQL installation is probably defaulting to another location for its socket. Can be resolved by figuring out this location (often `/var/run/mysqld.sock`), and specifying it in the configuration file with the **gmysql-socket** parameter. Another solution is to not connect to the socket, but to 127.0.0.1, which can be achieved by specifying **gmysql-host=127.0.0.1**. ### Host 'x.y.z.w' is not allowed to connect to this MySQL server These errors are generic MySQL errors. Solve them by trying to connect to your MySQL database with the MySQL console utility **mysql** with the parameters specified to PDNS. Consult the MySQL documentation. -# Running PowerDNS -PDNS is normally controlled via a SysV-style init.d script, often located in `/etc/init.d` or `/etc/rc.d/init.d`. This script accepts the following commands: - -`monitor`: -Monitor is a special way to view the daemon. It executes PDNS in the foreground with a lot of logging turned on, which helps in determining startup problems. Besides running in the foreground, the raw PDNS control socket is made available. All external communication with the daemon is normally sent over this socket. While useful, the control console is not an officially supported feature. Commands which work are: **QUIT**, **SHOW \***, **SHOW varname**, **RPING**. - -`start`: -Start PDNS in the background. Launches the daemon but makes no special effort to determine success, as making database connections may take a while. Use **status** to query success. You can safely run **start** many times, it will not start additional PDNS instances. - -`restart`: -Restarts PDNS if it was running, starts it otherwise. - -`status`: -Query PDNS for status. This can be used to figure out if a launch was successful. The status found is prefixed by the PID of the main PDNS process. - -`stop`: -Requests that PDNS stop. Again, does not confirm success. Success can be ascertained with the **status** command. - -`dump`: -Dumps a lot of statistics of a running PDNS daemon. It is also possible to single out specific variable by using the **show** command. - -`show variable`: -Show a single statistic, as present in the output of the **dump**. - -`mrtg`: -See the performance [monitoring](../common/logging.md#performance-monitoring) documentation. ## Typical Errors after Installing At this point some things may have gone wrong. Typical errors include: ### binding to UDP socket: Address already in use -This means that another nameserver is listening on port 53 already. You can resolve this problem by determining if it is safe to shutdown the nameserver already present, and doing so. If uncertain, it is also possible to run PDNS on another port. To do so, add `local-port=5300` to `pdns.conf`, and try again. This however implies that you can only test your nameserver as clients expect the nameserver to live on port 53. +This means that another nameserver is listening on port 53 already. You can resolve this problem by determining if it is safe to shutdown the nameserver already present, and doing so. If uncertain, it is also possible to run PDNS on another port. To do so, add [`local-port=5300`](settings.md#local-port) to `pdns.conf`, and try again. This however implies that you can only test your nameserver as clients expect the nameserver to live on port 53. ### binding to UDP socket: Permission denied -You must be superuser in order to be able to bind to port 53. If this is not a possibility, it is also possible to run PDNS on another port. To do so, add `local-port=5300` to `pdns.conf`, and try again. This however implies that you can only test your nameserver as clients expect the nameserver to live on port 53. +You must be superuser in order to be able to bind to port 53. If this is not a possibility, it is also possible to run PDNS on another port. To do so, add [`local-port=5300`](settings.md#local-port) to `pdns.conf`, and try again. This however implies that you can only test your nameserver as clients expect the nameserver to live on port 53. ### Unable to launch, no backends configured for querying PDNS did not find the `launch=bind` instruction in pdns.conf. ### Multiple IP addresses on your server, PDNS sending out answers on the wrong one, Massive amounts of 'recvfrom gave error, ignoring: Connection refused' -If you have multiple IP addresses on the internet on one machine, UNIX often sends out answers over another interface than which the packet came in on. In such cases, use `local-address` to bind to specific IP addresses, which can be comma separated. The second error comes from remotes disregarding answers to questions it didn't ask to that IP address and sending back ICMP errors. +If you have multiple IP addresses on the internet on one machine, UNIX often sends out answers over another interface than which the packet came in on. In such cases, use [`local-address`](settings.md#local-address) to bind to specific IP addresses, which can be comma separated. The second error comes from remotes disregarding answers to questions it didn't ask to that IP address and sending back ICMP errors. diff --git a/pdns/docs/markdown/authoritative/performance.md b/pdns/docs/markdown/authoritative/performance.md index 8de13d8ad3..4115930140 100644 --- a/pdns/docs/markdown/authoritative/performance.md +++ b/pdns/docs/markdown/authoritative/performance.md @@ -1,12 +1,11 @@ # Performance and Tuning -## General advice In general, best performance is achieved on recent Linux 3.x kernels and using MySQL, although many of the largest PowerDNS installations are based on PostgreSQL. FreeBSD also performs very well. Database servers can require configuration to achieve decent performance. It is especially worth noting that several vendors ship PostgreSQL with a slow default configuration. **Warning**: When deploying (large scale) IPv6, please be aware some Linux distributions leave IPv6 routing cache tables at very small default values. Please check and if necessary raise `sysctl net.ipv6.route.max_size`. -## Performance related settings +# Performance related settings When PowerDNS starts up it creates a number of threads to listen for packets. This is configurable with the [`receiver-threads`](settings.md#receiver-threads) setting which defines how many sockets will be opened by the powerdns process. In versions of linux before kernel 3.9 having too many receiver threads set up resulted in decreased performance due to socket contention between multiple CPUs - the typical sweet spot was 3 or 4. For optimal performance on kernel 3.9 and following with [`reuseport`](settings.md#reuseport) enabled you'll typically want a receiver thread for each core on your box if backend latency/performance is not an issue and you want top performance. Different backends will have different characteristics - some will want to have more parallel instances than others. In general, if your backend is latency bound, like most relational databases are, it pays to open more backends.