BIND up and working. 3 zones in sync. Summary inside

Ryan McCain Ryan.McCain at dss.state.la.us
Fri Sep 28 18:06:19 UTC 2007


Hopefully this will help others out in the future.

Summary: We have been using dss.state.la.us for ages and have now been told to also start using dss.la.gov and dss.louisiana.gov.  Since any new DNS record would go in all 3 zones I wanted to create a way where I didn't have to manually update the 3 zone files.  With the help of many people on this list, this is how I was able to accomplish that goal.

dss.state.la.us zone file:
$TTL 3600       ; 1 hour
@               IN SOA  dss-cs99la14.dss.state.la.us. webmaster.dss.state.la.us. (
                                2007092802  ; serial
                                1200        ; refresh (20 minutes)
                                600         ; retry (10 minutes)
                                1209600     ; expire (2 weeks)
                                3600        ; minimum (1 hour)
)
                        NS      dss-cs99la14.dss.state.la.us.
                        NS      dss-dr93la05.dss.state.la.us.
                        MX      10 smtp1
$INCLUDE /var/lib/named/shared.zone

...Notice the $INCLUDE statement.  The shared.zone file contains all of our DNS records:

-SNIP-
drac                    CNAME   dss-cs99ma22
dss-ad-idm-test         A       10.120.160.188
dss-adobe-suse          A       10.120.160.250
dss-adobe-w2k3          A       10.120.160.249
dss-as5300              CNAME   dss-sdis1722388
dss-asfr1719680         A       172.21.6.154
dss-br03nf03            A       10.122.32.239
dss-br17nf01            A       10.122.11.239
dss-br17nf02            A       10.122.13.239
dss-br17nf05            A       10.120.100.216
-SNIP-

I then linked the dss.la.gov and dss.louisiana.gov zone files to the dss.state.la.us zone file:
# ln -s /var/lib/named/master/dss.state.la.us /var/lib/named/master/dss.la.gov
# ln -s /var/lib/named/master/dss.state.la.us /var/lib/named/master/dss.louisiana.gov

..This way, when I add a DNS record to the shared.zone file I only need to update the serial number in one file since all 3 zones are linked to each other.

..So if someone queried dss-br17nf05.dss.la.gov it would use the dss.la.gov zone file:
$TTL 3600       ; 1 hour
@               IN SOA  dss-cs99la14.dss.state.la.us. webmaster.dss.state.la.us. (
                                2007092802  ; serial
                                1200        ; refresh (20 minutes)
                                600         ; retry (10 minutes)
                                1209600     ; expire (2 weeks)
                                3600        ; minimum (1 hour)
)
                        NS      dss-cs99la14.dss.state.la.us.
                        NS      dss-dr93la05.dss.state.la.us.
                        MX      10 smtp1
$INCLUDE /var/lib/named/shared.zone

..BIND would see the $INCLUDE statement and look in the shared.zone file for dss-br17nf05.  It would find that dss-br17nf05 resolves to 10.120.100.216 and, because the query was dss-br17nf05.dss.la.gov, it would automatically append dss.la.gov to the end of it.

..The key is to use @ in the SOA which will take the name of the zone defined in named.conf rather than hardcoding yourdomain.com.

..Also, do not fully qualify your MX record in the zone file so it will automatically append the appropriate domain name as explained above.

If I have made any errors, feel free to comment.

Ryan
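One check that fits this setup, added here as an example and not code from Ryan's post: because shared.zone is loaded under three different origins, any RDATA name in it that is written fully qualified under one of the three zones keeps pointing at that zone in the other two, which is exactly the mistake the unqualified-MX advice above avoids. The helper names (qualify, parse_records, lint_shared, expand) and the sample fragment with its two deliberate bad records are constructed for this example; it assumes records carry no explicit TTL column.

```python
# Added lint for a BIND $INCLUDE fragment shared by several zones (not code
# from the post). Sample below is constructed; the last two records are
# deliberate mistakes for the linter to catch.
SHARED_ZONE = """\
drac                    CNAME   dss-cs99ma22
dss-ad-idm-test         A       10.120.160.188
dss-br17nf05            A       10.120.100.216
@                       MX      10 smtp1
www                     CNAME   dss-br17nf05.dss.state.la.us.  ; wrong in 2 zones
mail                    MX      10 smtp1.dss.state.la.us.      ; same problem
"""
ORIGINS = ("dss.state.la.us", "dss.la.gov", "dss.louisiana.gov")
NAME_TYPES = {"CNAME", "NS", "MX", "PTR"}  # last RDATA field is a domain name

def qualify(name, origin):
    """BIND's origin rule: '@' is the origin, a trailing dot is absolute,
    anything else gets the current origin appended."""
    if name == "@":
        return origin + "."
    return name if name.endswith(".") else f"{name}.{origin}."

def parse_records(text):
    """Yield (owner, type, rdata); skips comments/blanks/$-directives, inherits
    a blank owner column, drops an optional IN class. Assumes no TTL column."""
    owner = "@"
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() or line.lstrip().startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():          # owner column present
            owner = fields.pop(0)
        if fields[0].upper() == "IN":
            fields.pop(0)
        yield owner, fields[0].upper(), fields[1:]

def lint_shared(text, origins=ORIGINS):
    """Absolute names inside one shared origin: they will not re-target
    when the same fragment is loaded under another origin."""
    return [(o, t, r[-1]) for o, t, r in parse_records(text)
            if t in NAME_TYPES
            and any(r[-1] == z + "." or r[-1].endswith("." + z + ".") for z in origins)]

def expand(text, origin):
    """Records the fragment yields when BIND loads it under `origin`."""
    out = []
    for owner, rtype, rdata in parse_records(text):
        if rtype in NAME_TYPES:
            rdata = rdata[:-1] + [qualify(rdata[-1], origin)]
        out.append((qualify(owner, origin), rtype, rdata))
    return out
```

Running lint_shared over the real shared.zone before bumping the serial catches a hard-wired name before it is served under the wrong zone; named-checkzone once per origin covers the syntax side.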
