replication between primary & secondary bind servers in linux?

Bill Larson wllarso at swcp.com
Mon Feb 5 16:03:02 UTC 2001


> I don't understand what you mean by hiding my e-mail address.  This is my
> address.  If you doubt it, then send me an e-mail and I will reply.

Son-of-a-gun, your address ***IS*** real!  Must be a fun one for the
spammers to process.  Cute, but understandably misleading.

> The problem I see with doing it like you said is that when I add a new
> domain on the primary it won't replicate to the secondary--or at least
> that's the way it seems to me since there isn't a way that the secondary
> would know that there is a new domain on the primary.  Or at least as far as
> I can tell.

I believe that I understand the previous confusion.  You are referring
to the server configuration files not the zone data files.  This wasn't
too clear, and the previous response was addressing duplication of the
zone data (I suspect).

Please understand, the administration of master and slave name servers
are independent of each other.  It is very possible to have two servers
that do not provide the same information for identical zones.

As a simple example of this, every name server should be a primary name
server for the 0.0.127.in-addr.arpa zone.  If you were to simply copy
the configuration file from one machine to another, and then blindly
change every "master" to "slave" (and insert the address of the master
server for each zone), then you would be making the second server a
slave to this 0.0.127.in-addr.arpa zone too!

I'm sure that you can get around this with intelligent enough scripts,
but I suspect that most people simply manage the configuration files
manually.  

As a general rule, you don't want to be using NFS over a WAN (don't 
start about NFS3 - this is general).  If you are worried about DNS
server replication, NFS isn't a good solution because you really want
your servers to be geographically (network wise) separated.  This doesn't
even begin to address the issues of security of NFS.

Think about something like SSH as a means to communicate configuration
files between systems rather than NFS or rsh.  Then again, this type of
automation wouldn't be too useful for many (most?) people, so you
may be on your own with this.

Bill Larson
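
Added example, not part of the original post or of BIND: one way a script could derive slave zone statements from a master's named.conf while leaving 0.0.127.in-addr.arpa and other local zones alone, as the message above warns. The sample configuration, the addresses, the "slave" directory and the function names are all constructed assumptions.

```python
import ipaddress
import re

# Zones each server should master itself (per the post); never make these slaves.
LOCAL_ZONES = {".", "localhost", "0.0.127.in-addr.arpa"}
COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
ZONE_HEAD = re.compile(r'\bzone\s+"([^"]+)"\s*(?:\w+\s*)?\{', re.I)
ZONE_TYPE = re.compile(r'\btype\s+(\w+)\s*;', re.I)

# Constructed sample of a master's named.conf (not from the original post).
SAMPLE = '''
options { directory "/var/named"; };
zone "." { type hint; file "named.ca"; };
zone "0.0.127.in-addr.arpa" { type master; file "named.local"; };
zone "example.com" in {
    type master;
    file "db.example.com";
    allow-transfer { 192.0.2.2; };  // nested braces inside the zone
};
zone "example.net" { type slave; masters { 198.51.100.1; }; file "bak.example.net"; };
'''


def iter_zones(conf):
    """Yield (name, body) per zone statement, matching nested braces."""
    conf = COMMENTS.sub("", conf)
    pos = 0
    while m := ZONE_HEAD.search(conf, pos):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]
        pos = i


def slave_stanzas(master_conf, master_ip, zone_dir="slave"):
    """Build slave zone statements for the zones master_conf is master for."""
    ip = ipaddress.ip_address(master_ip)  # reject anything that is not an IP
    out = []
    for name, body in iter_zones(master_conf):
        key = name.lower().rstrip(".") or "."
        kind = ZONE_TYPE.search(body)
        if key in LOCAL_ZONES or not kind or kind.group(1).lower() != "master":
            continue  # local, hint, slave, stub, forward: leave to each server
        fname = re.sub(r"[^a-z0-9._-]", "_", key)  # keep the path inside zone_dir
        out.append(f'zone "{name}" {{\n    type slave;\n'
                   f'    masters {{ {ip}; }};\n'
                   f'    file "{zone_dir}/{fname}.db";\n}};\n')
    return out


if __name__ == "__main__":
    print("".join(slave_stanzas(SAMPLE, "192.0.2.1")))
```

The output can be written to a file that the slave's named.conf pulls in with an include statement, and copied across with SSH as suggested above.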

