4 DNS servers, 1 BIND9 slave, 2 BIND8.4 slaves, 1 BIND8 master

Bill Larson wllarso at swcp.com
Mon May 14 19:30:15 UTC 2007

On May 14, 2007, at 12:18 PM, Ian Savoy wrote:

> Thanks Andy,
> Just to confirm, you've always had to update the slave manually upon
> each addition of a new domain on your master?  that's a little messed up
> if you ask me, but then again, i'm coming from the bind8 world :)  Heh,
> i guess i'm really just waiting for someone to say that we both have a
> configuration error, due to the fact that i just _can't_ believe this! ;)

I'm confused here.  Are/were you saying that you never had to edit  
the "named.conf" file on your slave when you added a zone on the master?

With BIND itself there has never been a way to update the secondary/slave
from the master.  This held true for BIND-4 onward.  (Can't say
anything about any earlier BIND software.)

There have been proposals made to have a "master" zone on each master
which identifies all of the zones that the master manages, and some
people have implemented this.  Then a transfer of this "master" zone
to the slaves could be used to configure the slaves - BUT this is
outside of BIND itself.

I believe that there may be other DNS server software that does
manage the configuration of the slaves, but this is not true with

> If this is just the way things are, then i guess i'll have to script it,
> but shouldn't the transfer from slave to master be automatic?  i know
> that bind8 was a lot more forgiving as far as configuration goes, but
> still...why now all of a sudden do i have to manually add zones to a
> slave?  Anybody have an answer?...feel free to be as technical as you
> like :)

Here I'm being picky.  There is no "transfer from slave to master" in  
any version of BIND.  But, if you reverse these two, the answer is  
still no.  You need to configure the slave to allow it to know what  
zones it is responsible for and where to obtain the zone information  
- just as Andy pointed out.

Although DNS operation may sometimes appear to be magical, it really
isn't.  There are no real mysteries in configuring and operating a
DNS server.  I know that this "magical" aspect originally confounded  
me (ancient history), but I soon learned to read the documentation  
supplied with BIND very carefully.  I also got a copy of "DNS & BIND"  
as soon as it was written.

Your "auto-configuration" of BIND slaves must be occurring outside of  
BIND itself.  Since you say that you are running multiple BIND-8  
slaves, I would try and double check their operation for another  
mechanism that is performing this configuration auto-magically.  As a  
test, how about creating a new test zone on your master and then  
checking the configuration on your slave(s) to see how they get  
modified to recognize the new zone on your master.

Also, you originally said that your configuration is identical
between the BIND-8 and BIND-9 slaves.  Have you read over the
"doc/misc/migration" file talking about migration between BIND-8 and
BIND-9?  Also, have you run "named-checkconf" against your
configuration file?

If you are having further problems (not necessarily for just a simple  
question as you made), you will most likely need to provide us copies  
of your "named.conf" files from your master and slaves.  But even  
with just a question, providing a copy of your configuration file may  
be very helpful to keep us from simply guessing about what you are  

Bill Larson

> -Ian Savoy
> Andy Shellam wrote:
>> Hi Ian,
>> Personally I've always had to do this, but then the first Bind version I
>> used was Bind 9.
>> It makes sense, for the following reasons:
>> a) How will the slave know which zones it's authoritative for?
>> b) How will the slave know which is the master/s server?
>> c) How will the slave know where to store its zone files for the zones?
>> I can confirm this would still be the case if you upgraded your master
>> to 9.4, as both my master/slave are running 9.4.1.
>> Andy.
>> Ian Savoy wrote:
>>> The issue i am having is regarding zone transfers between my bind9 slave
>>> and my bind8 master.  It appears that i have to manually add the zone in
>>> named.conf on my slave before the rndc utility will update the domain
>>> after it's created on the master.  My normal procedure was as follows
>>> before the upgrade:
>>>    1. add zone to named.conf on master
>>>    2. create zone file for domain being added
>>>    3. run 'rndc reload domain.com' on the master
>>>    4. run 'rndc reload domain.com' on the slave
>>> These steps would normally result in updating the zones on the slave as
>>> well, WITHOUT having to manually add a line in named.conf, however now i
>>> have to do the following:
>>>    1. add zone to named.conf on master
>>>    2. create zone file on master
>>>    3. run rndc reconfig on master
>>>    4. add zone to named.conf on bind9 slave
>>>    5. run rndc reload on slave
>>> Questions:
>>>    1. Would i have this problem if i upgraded my master to BIND9?
>>>    2. Is there a workaround, or another way of doing this.
>>> This problem started after a migration, however it was a very smooth
>>> migration, and there are no configuration differences on the servers,
>>> i.e. the settings on the old bind8 slave are the same on the bind9 slave
>>> that replaced it - thus, this is not a misconfiguration as far as i can
>>> tell.
>>> Thanks in advance,
>>> -Ian
> -- 
> Ian Savoy
> Webforce Systems, Inc
> Operations Support/UNIX Engineer
> CompTIA A+ Certified Professional
> Tech. Support: 614-899-9257 x22
> Website: http://www.ewebforce.net

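Added example, not part of the original thread and not code from BIND: one way to script the step discussed above, by comparing the master's named.conf with the slave's and generating the zone statements the slave still lacks. The sample configuration text, the zone names, the 192.0.2.1 master address and the "slaves" subdirectory are constructed placeholders, and the parser only handles plain zone statements.

```python
import re

# Constructed sample configs, not taken from the thread; names and addresses are placeholders.
MASTER_CONF = '''
options { directory "/var/named"; };
zone "." { type hint; file "named.ca"; };
zone "example.com" { type master; file "db.example.com"; };
zone "example.net" {
    type master;   // newly added on the master
    file "db.example.net";
};
zone "example.org" in { type slave; masters { 198.51.100.9; }; file "bak.example.org"; };
'''
SLAVE_CONF = '''
zone "example.com" { type slave; masters { 192.0.2.1; }; file "slaves/db.example.com"; };
'''

def zones(conf):
    """Return {zone name: type} for each zone statement (views are not distinguished)."""
    conf = re.sub(r'/\*.*?\*/', '', conf, flags=re.S)   # C-style comments
    conf = re.sub(r'(//|#).*', '', conf)                # rest-of-line comments
    found = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf, re.I):
        depth, i = 1, m.end()
        while i < len(conf) and depth:                  # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        t = re.search(r'\btype\s+([\w-]+)\s*;', conf[m.end():i - 1], re.I)
        name = m.group(1).lower().rstrip('.') or '.'
        found[name] = t.group(1).lower() if t else None
    return found

def missing_on_slave(master_conf, slave_conf):
    """Zones the master serves as master that the slave has no statement for."""
    have = zones(slave_conf)
    return sorted(z for z, t in zones(master_conf).items()
                  if t in ('master', 'primary') and z not in have)

def slave_stanza(zone, master_ip, subdir='slaves'):
    """Build the zone statement to append to the slave's named.conf."""
    safe = re.sub(r'[^a-z0-9._-]', '_', zone)           # keep '/' etc. out of the file name
    return ('zone "%s" {\n\ttype slave;\n\tmasters { %s; };\n'
            '\tfile "%s/db.%s";\n};\n' % (zone, master_ip, subdir, safe))

if __name__ == '__main__':
    for z in missing_on_slave(MASTER_CONF, SLAVE_CONF):
        print(slave_stanza(z, '192.0.2.1'))             # 192.0.2.1: placeholder master address
```

After appending the generated statements to the slave's named.conf, check the file with named-checkconf before running rndc reconfig on the slave.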