PowerDNS minimal setup

I am trying to work out the minimal number of steps needed for PowerDNS to be set up and working with a VPS using APISCP.

  1. Register mydomain.com
  2. Set glue records ns1 and ns2 to VPS IP
  3. Set nameserver records of mydomain.com to ns1.mydomain.com ns2.mydomain.com

On VPS enable powerdns

```
cpcmd scope:set cp.bootstrapper powerdns_enabled true
cpcmd scope:set cp.bootstrapper powerdns_driver mysql
upcp -sb software/powerdns
cpcmd scope:set dns.default-provider powerdns
```

  1. I am not sure where else to go from here.

Could anyone help with this?

PowerDNS configuration utility is available on pdns.apiscp.com. Run on 2 servers. Both can provide hosting services. Likewise they can also be smaller 1 GB servers using a free DNS-only created within the licensing portal on my.apiscp.com. If you’d like to hide the API endpoint, then a hidden master may be used.

Once done, reverse proxy Apache to PowerDNS API on the master.

This is confusing because the minimal setup with that tool seems to require 3 servers.
I’m asking myself what’s wrong with BIND?

So once the nameservers are pointing to the IP of my VPS this tool http://pdns.apiscp.com/ should be straightforward?

“Hosting server” is each additional server that is neither ns1 nor ns2, which is the bare minimum number of DNS servers required to host your own nameservers per RFC 1034 § 4.1.

Both primary and secondary nameservers can provide hosting service.

BIND doesn’t scale. I still run BIND for Hostineer out of technical debt and a 10 minute startup is terrible, not withholding all records are held in memory without opportunistic paging to disk as we’d see when fetching data from a database. There’s also the issue of converting raw to text to modify unless you’d like to use nsupdate… PowerDNS is much nicer.

NS1 and NS2 can be the same machine regardless of what the spec says.

When I finally get this working I will have to come back and update this for others that might be having trouble.

To get PowerDNS working, how many VPS instances do I need? Can I do it with one or do I need 2?

It may not. While not expressly enumerated in RFC 1034 § 4.1, its language clues you into the intention: redundancy.

> By administrative fiat, we require every zone to be available on at least two servers, and many zones have more redundancy than that.

This is clarified in RFC 2182 § 3.1, published 27 years ago.

> Secondary servers must be placed at both topologically and geographically dispersed locations on the Internet, to minimise the likelihood of a single failure disabling all of them.
>
> That is, secondary servers should be at geographically distant locations, so it is unlikely that events like power loss, etc, will disrupt all of them simultaneously. They should also be connected to the net via quite diverse paths. This means that the failure of any one link, or of routing within some segment of the network (such as a service provider) will not make all of the servers unreachable.

A minimum of 2 nameservers is required.
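
An added example, not part of the thread or of ApisCP: a shell check of a delegation against the redundancy that the RFC 1034 § 4.1 and RFC 2182 § 3.1 passages quoted above call for. The function names, the exit codes and the /24 comparison as a rough stand-in for topological diversity are assumptions of this example, and the addresses are constructed documentation values.

```shell
#!/bin/sh
# Input on stdin: one "nameserver IPv4-address" pair per line.

# check_ns_redundancy (hypothetical name) prints a summary and returns:
#   0 = at least two nameservers on addresses in different /24 networks
#   1 = fewer than two nameservers or only one address (single point of failure)
#   2 = distinct addresses, but all inside one /24 (same network segment)
check_ns_redundancy() {
    awk '
        NF >= 2 {
            names[tolower($1)] = 1
            addrs[$2] = 1
            split($2, o, ".")
            nets[o[1] "." o[2] "." o[3]] = 1
        }
        END {
            n = 0; for (k in names) n++
            a = 0; for (k in addrs) a++
            s = 0; for (k in nets) s++
            printf "nameservers=%d addresses=%d /24s=%d\n", n, a, s
            if (n < 2 || a < 2) exit 1
            if (s < 2) exit 2
            exit 0
        }'
}

# collect_ns (hypothetical name): live lookup of the same pairs for a zone.
# Requires dig and network access; it is defined here but not called.
collect_ns() {
    for ns in $(dig +short NS "$1"); do
        for ip in $(dig +short A "$ns"); do
            echo "$ns $ip"
        done
    done
}

# Constructed sample: ns1 and ns2 both pointing at one VPS address,
# the layout debated in the thread. Expected verdict code: 1.
printf 'ns1.example.test. 192.0.2.10\nns2.example.test. 192.0.2.10\n' |
    check_ns_redundancy || echo "verdict code: $?"
```

Against a live zone the pairs come from `collect_ns example.test | check_ns_redundancy`, where `example.test` stands in for the domain being audited.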

What the spec says and what happens in real life are two different things as it relates to name servers.

As it refers to PowerDNS I just want the thing to work in as minimal a way as possible. I don’t care what any spec says; what is the minimal setup necessary for it to work?

I would recommend hosting your DNS with Cloudflare or any other supported provider. These are plug and play and free you from the administrative burden.

Maybe in another thread I will ask questions about Cloudflare, which I have used in the past, but for now my concern is how to get a minimal PowerDNS setup working with APISCP.

I am also very interested in this as well, so if you manage to get it working @apiscpuser pls post here.

I am hosting on a singular IP and I want DNS to be done locally instead of relying on two random VPS around the globe.

I can think of 3 other different panels that allow you to violate the RFC and host ns1 and ns2 on the same server as your webhosting, but unfortunately none of them provides the free CloudLinux-like features of ApisCP, hence it’s the reason I went with Api and the 2 nameserver VPSes, which I have, but I want to change it hopefully.

I will try again tonight.

This might be of use in the meantime.

Yes, this is what I am using with the extra two VPS.

@msaladna Can we pay you to do this for us (not for all ApisCP servers in the world)?

Look into Route53 or Cloudflare as alternative drop-in providers if your topology doesn’t afford the requirements of RFC 2182.

No. It’s a conflict of interest if I sell a product designed to be standardized, which must work within established guidelines, while selling consulting time to violate these standards on the side.

You are not officially selling standards violation to anyone, just to us :stuck_out_tongue: .