Slaving a dynamic zone

Kirk Strauser kirk at strauser.com
Wed Oct 1 02:50:41 UTC 2003


This is kind of long, so I'll summarize to spare some reading for those
who might not be able to help.  In a nutshell, I'm having problems getting
my slave server to track dynamic updates to my master server.

My master server is running BIND 9.2.3.4 on FreeBSD 5.1 (hostname:
kanga.honeypot.net).  My slave server is running BIND 9.2.2 on a FreeBSD 4.7
server (hostname: glaaki.masonitg.com).

The setup is more complex than I'd *like* it to be, but given that I'm
supporting IPv4 and IPv6, and the master is serving split DNS (about 70
public zones and 5 private), I think I've got things fairly well under
control.

I've created a dynamic zone that's delegated out of a larger, mostly-static
zone.  From named.conf on the master:

    zone "honeypot.net" {
        type master;
        file "external/db.honeypot.net";
    };

    zone "infected.honeypot.net" {
        type master;
        file "dyn/db.infected.honeypot.net";
        allow-transfer { key glaaki-kanga.masonitg.com.; };
        update-policy {
            grant kanga.honeypot.net. wildcard *.infected.honeypot.net. A;
            grant kanga.honeypot.net. wildcard *.infected.honeypot.net. TXT;
        };
    };


