synchronizing 2 dns server (windows/linux)

Kevin Darcy kcd at daimlerchrysler.com
Sat Sep 24 02:10:10 UTC 2005


Josh Hyles wrote:

>I am trying to figure out the best way to sync two servers that are of
>different platforms. I want to somehow make all the files the exact same and
>it would be nice if I didn't have to create the zones on both machines. Is
>this possible? I already have it so that I can update ns1 and ns2 will take
>the effects, but I want to make a new zone on ns1 and have it create it on
>ns2 as well.
>

There is no standard way to make a slave automatically generate a 
slave-zone definition when a zone appears on the master server. One 
common way is just to abandon the standard zone-transfer paradigm and 
use something like rsync to copy over the master's whole config 
(named.conf and zone files) to the slave periodically, along with a 
reload of course so that the slave picks up the changes. Or you could 
cobble together some script (as I have) that runs on the slave, figures 
out what it should or shouldn't be slaving (based on the contents of a 
special "index" zone, or by carefully walking the internal namespace), 
and reconfigures itself accordingly. Being that one of these boxes is 
Windows, your option in this regard may be somewhat limited.

>Also, is there an app that will analyze your zone files to make
>sure the syntax is right? I have the following that I'm trying to figure out
>which one is done correctly.... here is the first which uses an $ORIGIN
>tag....
>
>$ORIGIN .
>$TTL 86400 ; 1 day
>haiericemachine.com IN SOA ns1.goatinatree.com. root.haiericemachine.com. (
>                2004170901 ; serial
>                28800 ; refresh (8 hours)
>                7200 ; retry (2 hours)
>                604800 ; expire (1 week)
>                86400 ; minimum (1 day)
>                )
>            NS ns1.goatinatree.com.
>            NS ns2.goatinatree.com.
>            A 216.117.131.89
>$ORIGIN haiericemachine.com.
>www A 216.117.131.89
>
>And here is one that doesn't....
>
>@ IN SOA ns1.goatinatree.com. root.wisdomofwellnessproject.com. (
>        2004050801 ; serial number
>        3600 ; refresh
>        7200 ; retry
>        604800 ; expire
>        86400 ) ; default TTL
>
>;
>; Zone NS records
>;
>
>@ NS ns1.goatinatree.com.
>@ NS ns2.goatinatree.com.
>
>;
>; Zone records
>;
>
>@ A 216.117.131.89
>@ MX 5 mail.wisdomofwellnessproject.com.
>ftp A 216.117.131.89
>mail A 216.117.131.89
>www A 216.117.131.89
>
>Which one of these files is right? They both work, but which is better?
>
named-checkzone from the BIND distribution can check a zone for 
syntactical correctness.

Which zonefile format is "better" is a matter of taste and preference. 
Assuming you're maintaining these zone files manually, then it's really 
a matter of what you're more comfortable with. If you're _not_ 
maintaining them manually, then why do you really care what they look 
like as long as they work?

                                                                         
                                                            - Kevin
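
An added sketch of the slave-side script approach mentioned in the reply above (this is not Kevin Darcy's script and not part of the original post). It assumes a hypothetical index-zone layout in which each PTR record names one zone to slave, uses a placeholder master address, and validates every name before it reaches named.conf or a file path, since the index zone's contents end up in the slave's configuration.

```python
import re

# Hypothetical convention: each PTR record in the index zone names a zone to slave.
INDEX_ZONE = "zones.index.example."
MASTER_IP = "192.0.2.1"  # placeholder master address (documentation range)

# Constructed sample in the presentation format that `dig axfr` prints.
SAMPLE_AXFR = """\
zones.index.example.   3600 IN SOA ns1.example. root.example. 1 3600 600 86400 3600
zones.index.example.   3600 IN NS  ns1.example.
1.zones.index.example. 3600 IN PTR haiericemachine.com.
2.zones.index.example. 3600 IN PTR wisdomofwellnessproject.com.
3.zones.index.example. 3600 IN PTR bad"name;.example.
4.zones.index.example. 3600 IN PTR ../../etc/passwd.
zones.index.example.   3600 IN SOA ns1.example. root.example. 1 3600 600 86400 3600
"""

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def valid_zone_name(name):
    """Accept only plain hostname-style names: no quotes, slashes or empty labels."""
    name = name.rstrip(".").lower()
    return 0 < len(name) <= 253 and all(LABEL.fullmatch(l) for l in name.split("."))

def zones_from_index(axfr_text):
    """Return (sorted zone names to slave, rejected raw entries)."""
    wanted, rejected = set(), []
    for line in axfr_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[2:4] != ["IN", "PTR"]:
            continue  # SOA, NS and anything malformed are ignored
        if not f[0].lower().endswith("." + INDEX_ZONE):
            continue  # owner name is outside the index zone
        if valid_zone_name(f[4]):
            wanted.add(f[4].rstrip(".").lower())
        else:
            rejected.append(f[4])
    return sorted(wanted), rejected

def slave_stanzas(zones, master=MASTER_IP):
    """Render named.conf slave-zone definitions for already validated names."""
    return "".join(
        'zone "%s" {\n\ttype slave;\n\tmasters { %s; };\n\tfile "slaves/%s.db";\n};\n'
        % (z, master, z) for z in zones)

if __name__ == "__main__":
    zones, rejected = zones_from_index(SAMPLE_AXFR)
    print(slave_stanzas(zones), end="")
    for r in rejected:
        print("# rejected index entry: %r" % r)
```

The generated stanzas would go into a file included from named.conf; running named-checkconf on the result before `rndc reconfig` keeps a bad index entry from taking the slave down.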



