Allowing zone xfer to slave server

Ryan McCain Ryan.McCain at dss.state.la.us
Fri Aug 31 15:48:12 UTC 2007


I found I needed to delete the .jnl file for the zone in question. I did that, then issued a manual zone xfer and it worked.  However, when I bring the slave up it still isn't pulling down any updates I make to the master.

Log from slave:

Aug 31 10:44:28 dss-cs99la49 named[12296]: starting BIND 9.3.2 -u named
Aug 31 10:44:28 dss-cs99la49 named[12296]: found 8 CPUs, using 8 worker threads
Aug 31 10:44:28 dss-cs99la49 named[12296]: loading configuration from '/etc/named.conf'
Aug 31 10:44:28 dss-cs99la49 named[12296]: listening on IPv6 interfaces, port 53
Aug 31 10:44:28 dss-cs99la49 named[12296]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 31 10:44:28 dss-cs99la49 named[12296]: listening on IPv4 interface eth0, 10.120.9.8#53
Aug 31 10:44:28 dss-cs99la49 named[12296]: listening on IPv4 interface eth0:s1, 172.20.10.118#53
Aug 31 10:44:28 dss-cs99la49 named[12296]: command channel listening on 127.0.0.1#953
Aug 31 10:44:28 dss-cs99la49 named[12296]: command channel listening on ::1#953

---

I would expect to see some logging showing the slave server at least trying to pull from the primary but it's not showing up. Perhaps I don't have logging set correctly..?

One thing I did notice is the zone file for the dss.la.gov domain ends with $ORGIN. while the zone file for dss.la.gov does not.


>>> On Thu, Aug 30, 2007 at  7:03 PM, in message
<barmar-A75421.20032130082007 at comcast.dca.giganews.com>, Barry Margolin
<barmar at alum.mit.edu> wrote: 
> In article <fb7aa9$10ng$1 at sf1.isc.org>,
>  "Ryan McCain" <Ryan.McCain at dss.state.la.us> wrote:
> 
>> I do have a NS record for the slave nameserver on the primary nameserver for 
>> the zone in question.
>> 
>> Here is the output from the dig command.  It sees the server but doesn't 
>> complete the zone xfer.  Does the output give you any ideas?
> 
> The master server is reporting an error trying to access the zone.  
> Check the log on the master server when you start up named.
> 
>> 
>> dss-cs99la49:/var/log # dig @172.20.11.200 dss.la.gov
>> 
>> ; <<>> DiG 9.3.2 <<>> @172.20.11.200 dss.la.gov
>> ; (1 server found)
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6260
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>> 
>> ;; QUESTION SECTION:
>> ;dss.la.gov.                    IN      A
>> 
>> ;; Query time: 0 msec
>> ;; SERVER: 172.20.11.200#53(172.20.11.200)
>> ;; WHEN: Thu Aug 30 15:34:53 2007
>> ;; MSG SIZE  rcvd: 28
>> 
>> dss-cs99la49:/var/log #
>> 
>> .. As for the 'also-notify' option I don't have that set. Is that mandatory?
>> 
>> Thx
>> 
>> >>> "Dawn Connelly" <dawn.connelly at gmail.com> 08/30/07 3:00 PM >>>
>> Are you able to manually pull the zone file over? So if you do "dig
>> @masterserver domain.name axfr" does it work?
>> Just out of curiosity, do you have an NS record in the zone file on the
>> master server? If you don't have an NS record and you don't have an
>> "also-notify" option set, the master server doesn't know how to tell the
>> slave server to come get the new data. If you don't have an NS record, add
>> it in and I'll betcha that'll fix your problem.
>> 
>> On 8/30/07, Ryan McCain <Ryan.McCain at dss.state.la.us> wrote:
>> >
>> > I have 2 DNS servers setup on SLES 10.  Both are at BIND 9.3.2.
>> >
>> > When I add a dummy A record in one of the zones on the Primary server it
>> > doesn't "sync" down to the slave server.
>> >
>> > Here is a snip of named.conf from the slave server:
>> >
>> > zone "domainA.com" in {
>> >         masters { 172.20.11.200; };
>> >         file "slave/domainA.gov";
>> >         type slave;
>> > };
>> >
>> >
>> > 172.20.11.200 is the IP address of the Primary DNS server.
>> >
>> > From what I have been able to find via google all I need to do is add this
>> > option to the Primary DNS server where 172.20.11.118 is the IP address of
>> > the slave server:
>> >
>> > allow-transfer { 172.20.10.118 } ;
>> >
>> >
>> > ..I have done this but it's not working.  Am I overlooking something?
>> >
>> > Thx..
>> >
>> >
>> >
>> >
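
Added example, not part of the original thread and not the posters' configuration: named.conf fragments for the setup discussed above, with transfers limited to the slave, explicit NOTIFY, and logging of transfer and notify events so the attempts show up in the logs. The zone name and addresses are taken from the thread; the file paths, the channel name, and pinning the slave's source address with transfer-source are assumptions.

```conf
// ---- master (172.20.11.200) ----
options {
        // Deny zone transfers by default; open them per zone below.
        allow-transfer { none; };
};

zone "dss.la.gov" in {
        type master;
        file "master/dss.la.gov";           // assumed path
        // Every element of an address match list ends with its own ';'.
        allow-transfer { 172.20.10.118; };  // only the slave may AXFR/IXFR
        notify yes;                         // NOTIFY the servers in the NS RRset
        also-notify { 172.20.10.118; };     // and this address explicitly
};

// ---- slave (172.20.10.118) ----
zone "dss.la.gov" in {
        type slave;
        masters { 172.20.11.200; };
        file "slave/dss.la.gov";            // assumed path
        // The slave's log shows it listening on 10.120.9.8 and 172.20.10.118.
        // Pin the source address so it matches the master's allow-transfer.
        transfer-source 172.20.10.118;
};

// ---- both servers: make transfer and notify activity visible ----
logging {
        channel xfer_log {                  // assumed channel name
                file "/var/log/named-xfer.log" versions 3 size 5m;  // assumed path
                severity info;
                print-time yes;
                print-category yes;
        };
        category xfer-in  { xfer_log; };    // transfers this server pulls
        category xfer-out { xfer_log; };    // transfers this server serves
        category notify   { xfer_log; };    // NOTIFY sent and received
};
```

Run named-checkconf on each server after editing, and named-checkzone against the master's zone file to surface the kind of load error that produces SERVFAIL. The slave only transfers when the SOA serial on the master is higher than the one it already holds.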