slaves still serve old data after successfull zone transfer (with views)

Kevin Darcy kcd at daimlerchrysler.com
Wed Feb 22 21:01:29 UTC 2006 

Aleksandar Milivojevic wrote:

>Hi,
>
>I've browsed through some documentation about views, consulted the 
>book, but still need one clarification.  Is it OK to share same zone 
>file between multiple views?
>
>For example, this is what I attempted to configure.  Let say I have 
>zone foobar.com that should be the same for all views.  Then I define 
>views name-servers, foo and bar, define zone foobar.com in all of them 
>and point to the same file on disk (on both master and slaves).  BIND 
>(9.2.x) doesn't complain about this and things seem to work file until 
>foobar.com zone is updated.  To prevent duplicate notifications and 
>zone transfers, notify is enabled only in name-servers view.
>
>When zone is updated, slaves will correctly transfer it.  However, they 
>will serve updated zone data only when queried from IP addresses that 
>match name-servers view (which is first defined view).  If queried from 
>IP addresses that end up using foo and bar views, slaves return old 
>data.  Inspection of downloaded zone file on slave shows updated data.
>
>Master returns new updated data in all views.
>
>The only way to get slaves to start serving updated data in all views 
>was to restart them (since than they will load data from disk).
>
Sharing zone files between views is a "feature" that AFAIK was never 
really designed into BIND 9. It just kind of works, on a master server. 
A slave, however, will assume that it has complete control over the 
replication of the zone data, so if one view happens to do a transfer of 
a zone, other views which might reference the same zone file have no 
clue about this, and for them, the change will propagate on the next 
refresh cycle, which could be hours away. If you want faster propagation 
of changes to the slaves, you'll need to re-enable NOTIFYs and zone 
transfers in the foo and bar views. For safety's sake, you should also 
define different slave zone files on the slaves, otherwise you risk 
corruption if two zone transfers happen to be writing the file at the 
same time.

                                                                         
                                                               - Kevin

More information about the bind-users mailing list