Internal Master with external slaves

Gabriel Granger gabe at pancentric.com
Tue Jan 24 11:19:29 UTC 2006


Thanks for the pointer, I looked at NOTIFY and now understand how
notify works :)  Basically, when the master notices that the serial
number of a zone has changed, it sends an announcement to all the
slave servers for the zone in question.  The master knows which
servers are slaves by looking at the zone (specifically the NS
records); it sends the announcement to all bar the one in the SOA,
because that is the master NS server.

So where I had told my zones that the master was really a slave, BIND
thinks it's the master and therefore does not send that server the
announcement.

The way I've got round the problem is by using the "also-notify" statement
in my named.conf.options, which has allowed me to add my slave server
which appears as the master in the SOA record.

also-notify { address or server; };

--

Gabe Granger

On 23 Jan 2006, at 21:54, Kevin Darcy wrote:

> We've had similar issues with our "hidden master" setup, and someone
> here suggested it was because our machines are multi-homed, and
> sometimes the NOTIFY packets come from an address which is unknown to a
> given slave, and thus are rejected. If this is the root cause, it should
> be fixable with some combination of notify-source and/or allow-notify,
> but I haven't got around to it yet...
>
> - Kevin
>
> Gabriel Granger wrote:
>
>> Hi All,
>>
>> I've been using BIND for a while and decided that it would be a good
>> idea to move my master inside my private NAT network.  I've made my
>> public master and slave servers both slaves to my internal master,
>> which for the most part works fine. The problem I'm having is that when I
>> make changes on the master server it takes ages for the slaves to be
>> notified and grab the update.  Because I don't want the true location
>> of my master specified anywhere in the zone, I've set the start of my
>> SOA as follows:
>>
>> @       IN      SOA     ns0.pancentric.net.     dns-admin.pancentric.com.
>>
>> which is what the WHOIS information shows, and I've told my slaves
>> where the real master is.  Having set this up, I'm now wondering if
>> the way I've done this is wrong, or do I need to additionally specify
>> other options to allow my slaves to update quicker?
>>
>> What is the best way of setting something like this up?
>>
>> Many thanks in advance,
>>
>>
>> Gabe Granger


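The hidden-master arrangement discussed in this thread, written out as a named.conf sketch for both sides. This is an added example, not configuration posted by anyone in the thread. The zone name example.com, the file names and every address (documentation and private ranges) are constructed placeholders.

```conf
// ---- hidden master (inside the NAT): named.conf ----
// Constructed addresses: 198.51.100.53 and 203.0.113.53 are the public
// slaves; 10.0.0.5 is a local address on the master.
options {
    // Do not derive NOTIFY targets from the zone's NS records (that list
    // skips the server named in the SOA); notify only the servers below.
    notify explicit;
    also-notify { 198.51.100.53; 203.0.113.53; };

    // On a multi-homed master, fix the source address of outgoing
    // NOTIFY messages so the slaves always see the same sender.
    notify-source 10.0.0.5;
};

zone "example.com" {
    type master;
    file "db.example.com";
    // Only the public slaves may transfer the zone from the hidden master.
    allow-transfer { 198.51.100.53; 203.0.113.53; };
};

// ---- public slave: named.conf ----
// 192.0.2.1 is the (constructed) address the slave sees the master as,
// i.e. the NAT's outside address; 192.0.2.2 is a second address the
// master's traffic could arrive from.
zone "example.com" {
    type slave;
    file "slaves/db.example.com";
    masters { 192.0.2.1; };
    // NOTIFY is accepted from the listed masters by default; allow-notify
    // adds further sources. Anything else is refused and the slave waits
    // for the SOA refresh timer instead.
    allow-notify { 192.0.2.2; };
    // The public slaves do not notify onward or hand out zone transfers.
    notify no;
    allow-transfer { none; };
};
```

Running named-checkconf on each file catches syntax errors before a reload, and the slave's log shows whether an incoming NOTIFY was accepted or refused.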

