Slaving a dynamic zone
Kirk Strauser
kirk at strauser.com
Wed Oct 1 02:50:41 UTC 2003
This is kind of long, so I'll summarize to spare some reading for those
who might not be able to help. In a nutshell, I'm having problems getting
my slave server to track dynamic updates to my master server.

My master server is running BIND 9.2.3.4 on a FreeBSD 5.1 server (hostname:
kanga.honeypot.net). My slave server is running BIND 9.2.2 on a FreeBSD 4.7
server (hostname: glaaki.masonitg.com).

The setup is more complex than I'd *like* it to be, but given that I'm
supporting IPv4 and IPv6, and the master is serving split DNS (about 70
public zones and 5 private), I think I've got things fairly well under
control.

I've created a dynamic zone that's delegated out of a larger, mostly-static
zone. From named.conf on the master:

    zone "honeypot.net" {
        type master;
        file "external/db.honeypot.net";
    };

    zone "infected.honeypot.net" {
        type master;
        file "dyn/db.infected.honeypot.net";
        allow-transfer { key glaaki-kanga.masonitg.com.; };
        update-policy {
            grant kanga.honeypot.net. wildcard *.infected.honeypot.net. A;
            grant kanga.honeypot.net. wildcard *.infected.honeypot.net. TXT;
        };
    };