Can someone help me in plain English

Jeanne Ilchuk ilchuk at wrlc.org
Tue Feb 5 12:49:25 UTC 2002



I have a Redhat 6.0 (2.2.10 kernel) running our master
DNS server and using bind-8.2.2pl7-1k (I know we need
to upgrade; as soon as I can figure out this problem).
Our nameserver has two interfaces, ns and ns2.

Our secondary is the same (RH 6.0/2.2.10 kernel and 
bind-8.2.2pl7-1k), which also has two interfaces and gets 
updates from the master. When we set this up a few years 
ago, I thought the secondary would be there to answer 
queries in case the primary failed.

When I tried to do an OS upgrade on my primary last week, 
the secondary did not kick in.  Both are on the same version
of bind; both getting ready for OS upgrades as soon
as I have a functioning nameserver to handle requests. 

Last week I changed the setting in the secondary named.conf
file to make the secondary a "master" but (by mistake) only
changed it in one of about 16 'zones' or db.* files we have.
(I think this may have worked).  Our servers started timing out
so we backed out of the upgrade.

I did ifconfig aliases on the secondary for the 2 
primary interface IPs, but found out the resolver looks for
the server 'hostname'.  Was I on the right track, only 
did not include the secondary IP as master in all of the
zone files?

Like I said, can someone PLEASE tell me in English what I
need to do?  Here's my named.conf files for both primary and
secondary.  I'm including only the relevant statements; we have
16 more zones that do reverse name to address mapping for reverse
lookup.  All are the same with different "db.IP-numbers".
Same with secondary below.  Only first few and last stanzas
are included.

Also, our DNS entries look like this in the "db.wrlc" file:
[root@ns named]# more db.wrlc
@ IN SOA ns.wrlc.org. hostmaster.wrlc.org. (
                2002020100      ; Serial
                7200            ; Refresh after 2 hours
                3600            ; Retry after 1 hour
                604800          ; Expire after 1 week
; reducing TTL during May to prepare for IP changes during upgrades - drg
                86400 )         ; Minimum TTL of 1 day
;               28800 )         ; Minimum TTL of 8 hours
; Name & Mail Servers (the name '@' is implied):
                IN NS   ns.wrlc.org.
                IN NS   raid02.wrlc.org.
                IN NS   dnsauth1.sys.gtei.net.
                IN NS   dnsauth2.sys.gtei.net.
                IN NS   dnsauth3.sys.gtei.net.
                IN A    192.245.136.12
                IN MX   10 raid02.wrlc.org.
;
;;;; only including primary and secondary IP related info
ns              IN A    192.245.136.2
ns2		IN A	198.91.32.158
raid02          IN A    192.245.136.12
;raid02         IN A    198.91.32.144
mail            IN CNAME        raid02

### COMMENTS not in db.wrlc file
###for reverse lookup ("192.245.136.4" is ifconfig aliases on 
###eth0 so no hostname assigned to IP; same for "198.92.32.144" 
###IP above)
###
; raid02 ifconfig alias secondary nameserver
;4      IN PTR          raid02.wrlc.org.
12      IN PTR          raid02.wrlc.org.


Primary named.conf file:
options {
        // location of the db.* configuration files
        directory "/var/named";
        // Allow only secondary and dnssec.sys.gtei.net to do transfers
        allow-transfer {
                192.245.136.4;
                192.245.136.12;
                198.91.32.144;
                4.2.49.1;
        };
        // DNS NOTIFY packets tell BIND 8.x secondary servers to update
        notify yes;
        // to get through our firewall, stick to port 53
        query-source address * port 53;
        // track per-host statistics for debugging
        host-statistics yes;
};

// Define primary name-to-address mapping file
zone "wrlc.org" in {
        type master;
        file "db.wrlc";
};

/////////Zone file statements clipped to be brief; 
/////////last statements in named.conf file below

// Map the loopback address back to ns
zone "0.0.127.in-addr.arpa" in {
        type master;
        file "db.127.0.0";
};

// Read the cache file
zone "." in {
        type hint;
        file "db.cache";
};
// END OF PRIMARY NAMED.CONF file

SECONDARY named.conf file:

options {
        // location of the db.* configuration files
        directory "/var/named";
        notify no;
        allow-transfer { none; };
        // to get through our firewall, stick to port 53
        query-source address * port 53;
};

// Define the wrlc.org Domain
// This is primary name-to-address mapping file
zone "wrlc.org" in {
        type slave;
        file "db.wrlc";
        masters  { 192.245.136.2; 198.91.32.158; };
};

// similar files clipped to be brief, then last two stanzas

// Map Test LAN addresses back to names
zone "223.128.205.in-addr.arpa" in {
        type slave;
        file "db.205.128.223";
        masters  { 192.245.136.2; 198.91.32.158; };
};


// Map the loopback address back to ns
zone "0.0.127.in-addr.arpa" in {
        type master;
        file "db.127.0.0";
};

// Read the cache file
zone "." in {
        type hint;
        file "db.cache";
};

// END OF SECONDARY NAMED.CONF FILE

Thanks for any/all help.

Jeanne
ilchuk at wrlc.org
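
A consistency check for the situation described above, where a role change reached only one of many zone stanzas. This is an added example, not part of the original post; the sample config is constructed from the secondary named.conf shown, and `parse_zones`, `audit` and `LOCAL_ZONES` are hypothetical names.

```python
import re

# Constructed sample modelled on the secondary named.conf in the post, with
# one zone switched to "master" to mimic an edit applied to a single stanza.
SAMPLE = '''
zone "wrlc.org" in {
        type master;   // changed by hand
        file "db.wrlc";
};
zone "223.128.205.in-addr.arpa" in {
        type slave;
        file "db.205.128.223";
        masters  { 192.245.136.2; 198.91.32.158; };
};
zone "0.0.127.in-addr.arpa" in { type master; file "db.127.0.0"; };
zone "." in { type hint; file "db.cache"; };
'''

LOCAL_ZONES = {".", "0.0.127.in-addr.arpa"}  # same on every server, not audited

def parse_zones(text):
    """Map each zone name to its type and its list of masters."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", text, flags=re.S)
    zones = {}
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):  # walk to the stanza's closing brace
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        if depth:
            raise ValueError("unbalanced braces in zone " + m.group(1))
        body = text[m.end():i - 1]
        ztype = re.search(r"\btype\s+(\w+)\s*;", body)
        masters = re.search(r"\bmasters\s*\{([^}]*)\}", body)
        mlist = masters.group(1).replace(";", " ").split() if masters else []
        zones[m.group(1)] = {"type": ztype and ztype.group(1), "masters": mlist}
    return zones

def audit(zones, role):
    """Return (zone, problem) pairs for zones that do not match the role."""
    findings = []
    for name in sorted(set(zones) - LOCAL_ZONES):
        z = zones[name]
        if z["type"] != role:
            findings.append((name, "type is %s, expected %s" % (z["type"], role)))
        elif role == "slave" and not z["masters"]:
            findings.append((name, "slave zone has no masters"))
    return findings

print(audit(parse_zones(SAMPLE), "slave"))
```

Run against the real file with the intended role ("slave" or "master"); an empty list means every audited zone agrees.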

