master and slave on the same server - problem

Kevin Darcy kcd at daimlerchrysler.com
Thu Sep 22 22:56:58 UTC 2005


Rajesh Bandar wrote:

>Thank you very much Kevin for the reply. As you suggested I have
>installed BIND 9.3.1 on Solaris 9.
>I am running both master and slave on the same machine. But I am
>having a problem with the slave server.
>If I make any changes to the zone file on the master server, they
>should be transferred to the slave.
>But that is not happening on the slave server.
>named.conf on primary:
>
># Use with the following in named.conf, adjusting the allow list as needed:
>
>key "rndc-key" {
>    algorithm hmac-md5;
>    secret "hfSrOaQxuvUGTEMGOcdxFg==";
>};
>
>controls {
>    inet 127.0.0.1 port 953
>    allow { 127.0.0.1; } keys { "rndc-key"; };
>};
>
>acl "slaves" {
>    134.251.131.50;
>    127.0.0.1;
>    localhost;
>};
>
>options {
>    directory "/var/named"; // Working directory
>    listen-on {134.251.131.56; };
>    allow-transfer { "slaves"; };
>    transfer-source 134.251.131.50;
>    notify-source 134.251.131.50;
>    allow-query { any; }; // This is the default
>    recursion yes; // Do not provide recursive service
>    notify yes;
>    pid-file "/var/run/named.pid";
>    statistics-file "/var/run/named.stats";
>    dump-file "/var/run/named.db";
>    # hide the version number
>    version "[secured]";
>};
>
># The root nameservers
>
>zone "." {
>    type hint;
>    file "named.root";
>};
>
>zone "localhost" {
>    type master;
>    file "/var/named/zone/localhost.hosts";
>};
>
>zone "127.0.0.in-addr.arpa" {
>    type master;
>    file "/var/named/zone/0.0.127.rev";
>};
>
>zone "au.ap.domain.com" {
>    type master;
>    file "/var/named/zone/au.ap.domain.com.hosts";
>    allow-transfer { "slaves"; };
>};
>
>zone "131.251.134.in-addr.arpa" {
>    type master;
>    file "/var/named/zone/134.251.131.rev";
>    allow-transfer { "slaves"; };
>};
>
>
>named.conf.slave file (slave config)
>
># Use with the following in named.conf, adjusting the allow list as needed:
>
>key "rndc-key" {
>    algorithm hmac-md5;
>    secret "ra4L34V90UX8uMphiEW2Kw==";
>};
>
>controls {
>    inet 127.0.0.1 port 954
>    allow { 127.0.0.1; } keys { "rndc-key"; };
>};
>
># End of named.conf
>
>options {
>    directory "/var/named/slave"; // Working directory
>    listen-on {134.251.131.50; };
>    allow-query { any; }; // This is the default
>    recursion yes; // Do not provide recursive service
>    pid-file "/var/run/namedlave.pid";
>    statistics-file "/var/run/namedslave.stats";
>    dump-file "/var/run/namedslave.db";
>    # hide the version number
>    version "[secured]";
>};
>
># The root nameservers
>
>zone "." {
>    type hint;
>    file "named.root";
>};
>
>zone "localhost" {
>    type master;
>    file "/var/named/slave/localhost.hosts";
>};
>
>zone "127.0.0.in-addr.arpa" {
>    type master;
>    file "/var/named/slave/0.0.127.rev";
>};
>
>zone "au.ap.domain.com" {
>    type slave;
>    file "/var/named/slave/au.ap.domain.com.slave";
>    masters { 134.251.131.56; };
>};
>
>I am running 2 named instances for master and slave.
>
>root@cluster2/var/named/slave > ps -ef|grep name
>root 10225 1 0 00:17:04 ? 0:00 /usr/sbin/in.named -c /etc/named.conf.slave
>root 10171 1 0 00:04:31 ? 0:00 /usr/sbin/in.named -c /etc/named.conf
>
>zone file on master server I updated:
>
>$ttl 38400
>au.ap.domain.com. IN SOA ns1.au.ap.domain.com. rajesh\.bandar.domain.com. (
>        2005092301
>        10800
>        60
>        604800
>        38400 )
>au.ap.domain.com. IN NS ns1.au.ap.domain.com.
>au.ap.domain.com. IN NS ns2.au.ap.domain.com.
>au.ap.domain.com. IN NS ns3.au.ap.domain.com.
>ns1.au.ap.domain.com. IN A 134.251.131.56
>ns2.au.ap.domain.com. IN A 134.251.131.61
>ns3.au.ap.domain.com. IN A 134.251.131.50
>test.au.ap.domain.com. IN A 172.16.0.1
>test1.au.ap.domain.com. IN A 172.16.0.2
>test2.au.ap.domain.com. IN A 172.16.0.3
>test3.au.ap.domain.com. IN A 172.16.0.4
>test4.au.ap.domain.com. IN A 172.16.0.5
>test5.au.ap.domain.com. IN A 172.16.0.6
>
>Why is the slave not getting the updates?
>
I assume you're incrementing the serial # and reloading the zone on the 
master, when you make a change, right (or using Dynamic Update, which 
does these things automatically)?

If so, then I would point out that you have your notify-source set to 
the listen address of the slave instead of the master. By default, 
slaves only respect NOTIFYs that come from the master address. So the 
slave is probably ignoring the NOTIFYs and it could take up to 3 hours 
(your REFRESH setting) for any changes to propagate "naturally".

Is there any particular reason why you set notify-source to the address 
of the slave instance? As for transfer-source, I don't know why you felt 
the need to set that explicitly (also to the slave instance's address), 
since you don't even slave any zones in that (master) instance...

Note that you can use the -b option on later versions of dig to 
test/troubleshoot ordinary queries and zone transfers between nameserver 
instances on the same box.

                                                                         
- Kevin
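
The mismatch described in the reply above can be checked mechanically; the following is an added example, not part of the original post or of BIND, that compares the master's notify-source with the addresses the slave lists under masters or allow-notify. The function names are hypothetical, only IPv4 and global or flat statements are handled, and the "fixed" configuration (notify-source set to the master's listen address) is an assumption about the intended correction.

```python
import re

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"

def addresses(conf, statement):
    """IPv4 addresses given to `statement`, in `stmt addr;` or `stmt { addr; };` form."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* ... */ comments
    conf = re.sub(r"(#|//).*", "", conf)                # '#' and '//' comments
    pattern = rf"(?<![\w-]){re.escape(statement)}\s+(\{{[^}}]*\}}|[^;{{]+);"
    return [ip for m in re.finditer(pattern, conf)
            for ip in re.findall(IPV4, m.group(1))]

def check_notify(master_conf, slave_conf):
    """Return (verdict, detail); verdict is True, False, or None if undetermined."""
    sources = addresses(master_conf, "notify-source")
    accepted = set(addresses(slave_conf, "masters"))
    accepted |= set(addresses(slave_conf, "allow-notify"))
    if not sources:
        return None, "no notify-source set; the OS chooses the source address"
    rejected = [s for s in sources if s not in accepted]
    if rejected:
        return False, f"NOTIFY sent from {rejected[0]}, slave accepts {sorted(accepted)}"
    return True, "NOTIFY source is an address the slave accepts"

# Excerpts of the two configurations quoted in the thread.
MASTER_POSTED = """
options {
    listen-on { 134.251.131.56; };
    transfer-source 134.251.131.50;
    notify-source 134.251.131.50;
    notify yes;
};
"""
SLAVE_POSTED = """
zone "au.ap.domain.com" {
    type slave;
    file "/var/named/slave/au.ap.domain.com.slave";
    masters { 134.251.131.56; };
};
"""
# Constructed: the master with notify-source moved to its own listen address.
MASTER_FIXED = MASTER_POSTED.replace("notify-source 134.251.131.50",
                                     "notify-source 134.251.131.56")

if __name__ == "__main__":
    for name, conf in (("posted", MASTER_POSTED), ("fixed", MASTER_FIXED)):
        print(name, check_notify(conf, SLAVE_POSTED))
```
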



