Mirroring DNS masters

[Dan Brown]

> Where as you write a few scripts to ensure the master is updated
> correctly, and then rsync it, you can readily ensure the same tested
> configuration is deployed to multiple servers.

Essentially the script keeps track of the last time a file was updated.  Any
modification times newer than this will be synchronized on the remote
server.

> However I'm worried anyone would ask how to do it.
>
> You either know how to set up a master server or you don't, if you know
> how to do it, doing it N times is hardly challenging. May be the OP
> never used rsync before.

I know how to setup the master server without any problems. The
synchronization of data between two masters serving the same data is where I
am wondering if there will be any problem.  Will bind ever have to be
restarted as a result of changing zone files?  In the files themselves they
say:

; Do Not edit BIND db files directly.

I have a suspicion this may only refer to our Cobalt UI having problems with
files being updated while actually being edited in the UI as well.  I've yet
to work with bind on a server other than the RaQ appliances.

The updates will occur at most once every five minutes (though probably more
like once a minute, or once every two, I haven't decided yet), and for the
moment will only occur from our primary master server which we currently do
DNS updates with all the time to our current secondary.

> I'm worried about the 99% of updates would occur on the one server. I
> figure this means 1% of updates will probably get lost, since you really
> don't want to get into multimaster replication, even at the zone file
> level. I'd do 100% of updates on a test server, and deploy when it all
> works.

The 99% to 1% ratio I referred to is due to the fact that it doesn't matter
how many times you tell people to use a certain procedure or server, someone
will always not follow your rules.


Dan
dan at amanah.com