Install PowerDNS with MariaDB Backend on Fedora 30/29/CentOS 7

0
577

In this guide, we are going to learn how to install PowerDNS with MariaDB backend on Fedora 30/29/CentOS 7. PowerDNS is a powerful opensource DNS server that provides alternative DNS services to BIND. It provides two nameserver products namely, the Authoritative Server and the Recursor.

While the Authoritative Server only answer questions about domains it knows about, Recursor on the other hand has no knowledge of domains itself by default it will always consult other authoritative servers to answer questions given to it.

The authoritative PowerDNS server supports different backends ranging from database backends such as MySQL, PostgreSQL, Oracle and BIND zone files to co-processes and JSON API’s.

Install PowerDNS with MariaDB Backend on Fedora 30/29/CentOS 7

Install PowerDNS on Fedora 30/29/CentOS 7

Update and upgrade your system.

yum update
yum upgrade

Install MariaDB

In this guide, we will use MariaDB as the PowerDNS backend. Hence before you can proceed, you need to install and configure MariaDB.

See our guide on how to install MariaDB 10.3 by following the links below;

Install MariaDB 10.3 on Fedora 30

Install MariaDB 10.3 on CentOS 7

Configuring MariaDB Backend for PowerDNS

Create PowerDNS MariaDB User and Database

Once the installation is done, proceed to create MariaDB database and user for PowerDNS.

mysql -u root -p
create database powerdns;
grant all privileges on powerdns.* to [email protected] identified by '[email protected]';

Next, use the PowerDNS database created above and run the following commands to create the table structures.

use powerdns;
CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB;
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);
CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB;
CREATE TABLE comments (
     id                    INT AUTO_INCREMENT,
     domain_id             INT NOT NULL,
     name                  VARCHAR(255) NOT NULL,
     type                  VARCHAR(10) NOT NULL,
     modified_at           INT NOT NULL,
     account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
     comment               TEXT CHARACTER SET 'utf8' NOT NULL,
     PRIMARY KEY (id)
     ) Engine=InnoDB;
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
CREATE TABLE domainmetadata (
    id                    INT AUTO_INCREMENT,
    domain_id             INT NOT NULL,
    kind                  VARCHAR(32),
    content               TEXT,
    PRIMARY KEY (id)
    ) Engine=InnoDB;
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB;
CREATE INDEX domainidindex ON cryptokeys(domain_id);
CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB;
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

Next, you need to add foreign key constraints to the tables in order to automate deletion of records, key material, and other information upon deletion of a domain from the domains table. This ensures that no records, comments or keys exists for domains that you already removed.

ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;

Install PowerDNS

Once the configuration of database is done, proceed to install PowerDNS.

On Fedora 30, PowerDNS is available on the default repos and thus can be simply installed by running the command below;

dnf install pdns pdns-backend-mysql bind-utils

For CentOS 7, you need to install EPEL repos.

yum install epel-release
yum install pdns pdns-backend-mysql bind-utils

Configure PowerDNS Backend

PowerDNS uses bind as the default backend. Therefore, open the PowerDNS configuration and comment out the line, launch=bind, replace it with the following lines. Replace you configs accordingly.

vim /etc/pdns/pdns.conf
...
#launch=bind
launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=dnsadmin
gmysql-dbname=powerdns
[email protected]
...

Verify PowerDNS connection to Backend

Before you can start PowerDNS, run in it in foreground as shown below to verify the connection to MariaDB backend.

pdns_server --daemon=no --guardian=no --loglevel=9

If all is well, then;

...
Jun 05 01:24:36 Creating backend connection for TCP
Jun 05 01:24:36 gmysql Connection successful. Connected to database 'powerdns' on '127.0.0.1'.
Jun 05 01:24:36 About to create 3 backend threads for UDP
Jun 05 01:24:36 gmysql Connection successful. Connected to database 'powerdns' on '127.0.0.1'.
Jun 05 01:24:36 gmysql Connection successful. Connected to database 'powerdns' on '127.0.0.1'.
Jun 05 01:24:36 gmysql Connection successful. Connected to database 'powerdns' on '127.0.0.1'.
Jun 05 01:24:36 Done launching threads, ready to distribute questions

If you encounter any error, please fix it before you can proceed.

Running PowerDNS

To start and enable PowerDNS to run on system boot;

systemctl start pdns
systemctl enable pdns

To check the status of PowerDNS,

systemctl status pdns
● pdns.service - PowerDNS Authoritative Server
   Loaded: loaded (/usr/lib/systemd/system/pdns.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-06-05 01:29:33 EAT; 3min 9s ago
     Docs: man:pdns_server(1)
           man:pdns_control(1)
           https://doc.powerdns.com
 Main PID: 4066 (pdns_server)
    Tasks: 8 (limit: 2351)
   Memory: 4.3M
   CGroup: /system.slice/pdns.service
           └─4066 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no

If FirewallD is running, allow DNS through it.

firewall-cmd --add-service=dns --permanent
firewall-cmd --reload

You can verify that DNS port 53 is opened.

ss -altnp | grep 53
LISTEN    0         128                0.0.0.0:53               0.0.0.0:*        users:(("pdns_server",pid=4066,fd=8))                                          
LISTEN    0         128                   [::]:53                  [::]:*        users:(("pdns_server",pid=4066,fd=9))

Well, you have successfully installed PowerDNS with MariaDB configured as the backend. In our next guide, we will learn how to administer PowerDNS using the web based tool called Poweradmin. Enjoy

Reference:

Getting Started with PowerDNS

Other related Guides’

How to Setup Master-Slave DNS Server using BIND on CentOS 7

LEAVE A REPLY

Please enter your comment!
Please enter your name here