master and slave on the same server

Kevin Darcy kcd at daimlerchrysler.com
Wed Sep 21 21:13:52 UTC 2005


Rajesh Bandar wrote:

>Hi All,
> I am running BIND 9.3.1 on two Solaris 9 boxes. One is configured as master
>and the other one as slave
>for the domain name au.ap.company.com <http://au.ap.company.com>. My parent
>zone ap.company.com <http://ap.company.com> has delegated 2 name servers
>for au.ap.company.com <http://au.ap.company.com>
>(NS1.AU.AP.COMPANY.COM<http://NS1.AU.AP.COMPANY.COM>&
>NS2.AU.AP.COMPANY.COM <http://NS2.AU.AP.COMPANY.COM>). Below are the name
>servers for au.ap.company.com <http://au.ap.company.com>:
> au.ap.company.com <http://au.ap.company.com>. IN NS
>ns1.au.ap.company.com<http://ns1.au.ap.company.com>
>.
>au.ap.company.com <http://au.ap.company.com> IN NS
>ns2.au.ap.company.com<http://ns2.au.ap.company.com>
> ns1.au.ap.company.com <http://ns1.au.ap.company.com>. IN A
>172.26.70.1<http://172.26.70.1>
>ns2.au.ap.company.com <http://ns2.au.ap.company.com> IN A
>172.26.70.2<http://172.26.70.2>
> I have configured ns1 as master and ns2 as slave. Everything is working fine
>at the moment. Now my manager
>has asked me to configure another master server for DR purpose. Basically
>rsync the master server config file
>and zone files to another machine. We don't have any spare machine to do
>this. Can I do the following:
>  1. Configure a virtual interface (hme0:1) on ns2 server with the IP
>address 172.26.70.3 <http://172.26.70.3>.
> 2. Setup ns3.au.ap.company.com <http://ns3.au.ap.company.com> as another
>master server for au.ap.company.com <http://au.ap.company.com> on
>ns2.au.ap.company.com <http://ns2.au.ap.company.com> with
>the IP 172.26.70.3 <http://172.26.70.3>.
> eg: ns3.au.ap.company.com <http://ns3.au.ap.company.com>. IN A
>172.26.70.3<http://172.26.70.3>
> 3. Ask the parent zone administrator to update the delegation information.
> 4. Copy/rsync named.conf file and zone files from
>ns1.au.ap.abnamro.com<http://ns1.au.ap.abnamro.com>
>.
> 5. Run 2 named instances on
>ns2.au.ap.abnamro.com<http://ns2.au.ap.abnamro.com>.
>One for master (ns3) and one for slave (ns2).
> This is just for DR test, we are not going to have this setup running all
>the time. We want to have both
>master and slave running in the DR test and we don't have any spare machines
>to do this. Could someone
>tell me if this works or not. When we do the DR test ns1 server will be
>shutdown. So, I have to run
>both master and slave on one machine (on ns2).
> What should be the soa for
>ns3.au.ap.company.com<http://ns3.au.ap.company.com>master? If someone
>has tried a similar setup please help me.
>
First of all, please turn off the option in your message-composer to 
spew a URL for everything that looks like a domain name or an IP address 
-- it made your message almost unreadable.

As for your main question about running multiple BIND instances on the 
same box, you can certainly do that by configuring each instance with a 
different listen-on address, different data directory, different 
named.conf file, different PID file, optionally different chroot 
directories, rndc parameters, etc., and running both/all instances from 
your system's init script with the appropriate command-line arguments.

As for the MNAME field of SOA record, this is only used for NOTIFY and 
Dynamic Update. You can control NOTIFY via "also-notify" and/or "notify 
explicit". You can also tell nsupdate to direct Dynamic Updates to 
specific servers (bypassing what's in the SOA RR) by using its "server" 
command. So this only leaves Dynamic Updates that are generated by other 
sources, e.g. DHCPD, Windows 2000 client auto-registration, Active 
Directory, etc. I don't have any direct experience with this, but it's 
basically just the same old load-balancing/failover/availability issue 
all over again. If you don't have a dedicated load-balancer device that 
can deal with this, then perhaps you could have some sort of DR strategy 
that would switch a special, low-TTL name over to the DR master. For 
that matter, maybe you could just define ns1.au.ap.abnamro.com with the 
IP addresses of both the primary and the DR master, and you might just 
discover that all of your Dynamic Update clients are smart enough to do 
the failover without any special arrangements...

                                                                         
                                                                  - Kevin
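
The per-instance separation described in the reply above, as an added example that is not part of the original thread: a script that writes one named.conf per instance and reports any setting the two instances would share. The IP addresses and zone name come from the thread; the directory layout, rndc ports (9531/9532), zone file names and rndc key file are assumptions.

```shell
#!/bin/sh
# Added example. IPs and zone name come from the thread; paths, rndc ports and
# the rndc key file are constructed assumptions.

# write_conf <role: master|slave> <listen-ip> <rndc-port> <base-dir>
write_conf() {
    role=$1; ip=$2; rndc_port=$3; base=$4
    mkdir -p "$base/$role"
    {
        echo "include \"$base/rndc.key\";   // assumed to define key \"rndc-key\""
        echo "options {"
        echo "    directory \"$base/$role\";"
        echo "    pid-file \"$base/$role/named.pid\";"
        echo "    listen-on { $ip; };          // never the default (all interfaces)"
        echo "    listen-on-v6 { none; };"
        echo "    notify-source $ip;"
        echo "    transfer-source $ip;"
        echo "};"
        echo "controls { inet 127.0.0.1 port $rndc_port allow { 127.0.0.1; } keys { \"rndc-key\"; }; };"
        echo "zone \"au.ap.company.com\" {"
        if [ "$role" = master ]; then
            echo "    type master; file \"db.au.ap.company.com\";"
            echo "    notify explicit; also-notify { 172.26.70.2; };"
            echo "    allow-transfer { 172.26.70.2; };"
        else
            echo "    type slave; file \"bak.au.ap.company.com\";"
            echo "    masters { 172.26.70.3; };"
            echo "    allow-transfer { none; };"
        fi
        echo "};"
    } > "$base/$role/named.conf"
}

# Print every per-instance setting that is identical in both files (a collision).
shared_settings() {
    for key in 'directory ' 'pid-file ' 'listen-on ' 'controls '; do
        a=$(grep -F "$key" "$1" || true)
        b=$(grep -F "$key" "$2" || true)
        if [ -n "$a" ] && [ "$a" = "$b" ]; then echo "$a"; fi
    done
}

base=$(mktemp -d)
write_conf master 172.26.70.3 9531 "$base"   # DR master on the hme0:1 alias
write_conf slave  172.26.70.2 9532 "$base"   # existing ns2 address
shared_settings "$base/master/named.conf" "$base/slave/named.conf"
echo "named -c $base/master/named.conf"
echo "named -c $base/slave/named.conf"
```

Empty output from `shared_settings` means the two instances do not collide on address, data directory, PID file or control channel; the printed `named -c` lines are the per-instance invocations an init script would run.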



