Debian Tutorials

Debian Tutorials

Step by step tutorials showing you how to install and configure various applications and services on Debian based Linux distros.

May 2024


Install and configure PowerDNS with geo backend (CDN/geographic DNS blancing)

Ástþór IPÁstþór IP

The Geo backend can be used to distribute queries globally using an IP-address/country mapping table, several of which are freely available online or can be acquired for a small fee.

This allows visitors to be sent to a server close to them, with no appreciable delay, as would otherwise be incurred with a protocol level redirect. Additionally, the Geo backend can be used to provide service over several clusters, any of which can be taken out of use easily, for example for maintenance purposes.

The Geo backend is in wide use, for example by the Wikimedia foundation, which uses it to power the Wikipedia global load balancing.

This tutorial has been tested on Debian 7.x (wheezy).

1. Install PowerDNS server and the Geo backend

apt-get install pdns-server pdns-backend-geo

2. Disable package and query caching PowerDNS (pico /etc/powerdns/pdns.conf)

Add these lines or modify if they already exist in the config file:


By default PowerDNS caches both queries to backend and packages sent out to clients to increase speed. When using the Geo backend, this will cause issues because packages sent to clients will vary based on their location.

3. Create a directory to store ip to country mappings

mkdir -p /usr/local/etc/powerdns

4. Install rsync which is used to receive ip to country mappings

apt-get install rsync

5. Manually receive the latest ip to country mappings. I’m using but there are more providers available.

rsync -qt rsync:// /usr/local/etc/powerdns/

6. Configure automatic update of the ip to country mappings every week (optional)

crontab -l | { cat; echo "0 0 1 * * rsync -qt rsync:// \
/usr/local/etc/powerdns/ && \
/usr/bin/pdns_control rediscover > /dev/null"; } | crontab -

7. Create a config file for the geo backend

cat > /etc/powerdns/pdns.d/pdns.geo <<EOF,,

You’ll have to change to your domain, set the correct name servers and choose the hostname (in this example I’m using which will be used to resolve to different IP addresses based on the client performing the DNS lookup).

8. Set up a simple bind zone file for (In this example I’m using the bind backend but other backends can be used aswell)

If you don’t already have bind zones configured, create a directory to contain the zones:

mkdir -p /etc/powerdns/bind

Create the zone file used for our geo experiment:

cat > /etc/powerdns/bind/ <<EOF
\$TTL 86400
@ IN SOA 2014112600 86400 7200 3600000 172800
@ NS
@ NS
de A
uk A
us A

You will need to change to your domain and adjust the zone file to your domain and name servers. Please note that the $ signs are escaped to work with the cat command. If you copy these lines to your config file, make sure you remove the \ signs and EOF. Here I’ve created three A records which will be used by the geo backend to return correct IP addresses based on the user’s location.

9. Append the new bind zone to the bindbackend config

echo "zone \"\" {
type master;
file \"/etc/powerdns/bind/\";
allow-update { none; };
" >> /etc/powerdns/bindbackend.conf

10. Create geo map file for (this is where you configure which location resolve to which IP address)

Create a folder that will contain geo maps:

mkdir -p /etc/powerdns/geo-maps

Create the map file for

cat > /etc/powerdns/geo-maps/ <<EOF
0 de
826 uk
840 us

Here we’ll put all the geo rules. The first number is either 0 for default or a ISO-3166 country code. The second entry in each line is the host relative to the zone being used (for example, if the user is located in UK and queries the DNS for, the geo backend will tell the client that is an alias of will return the IP address as configured in the bind zone created earlier.

11. Enable the bind and geo backends (pico /etc/powerdns/pdns.conf)


12. Remove the launch parameters from other backends, with a clean install of PowerDNS we need to remove the launch line from /etc/powerdns/pdns.d/pdns.simplebind (pico /etc/powerdns/pdns.d/pdns.simplebind)


13. Restart PowerDNS

/etc/init.d/pdns restart

14. Test from different locations using:

host localhost

Replace with the domain you want to use

This will give you results similar to these:

Using domain server:
Name: localhost
Aliases: is an alias for has address

Comments 0
There are currently no comments.