Primary name server updates propagating to secondary

Oscar Usifer oscaruser at programmer.net
Mon Jan 28 22:52:24 UTC 2008


Folks,

Our primary name server, (bind-9.3.4) currently set up to resolve 
our server host names, needs to propagate changes to our secondary 
name server. From nslookup I see that the A records has propagated, 
but the SOA record has not. If the primary name server goes off 
line, does that imply that the hostname translation will not 
resolve? The following is part of our primary and secondary /etc/named.conf file (modified for 
illustration purposes). If this is the case, how can I cause our secondary NS to list the SOA record?

Thanks,
-OSC


osc at frag ~]$ nslookup mysite2.com primary_ns
Server:         primary_ns
Address:        x.x.132.253#53

Name:   mysite2.com
Address: x.x.132.140

[osc at frag ~]$ nslookup mysite2.com secondary_ns
Server:         secondary_ns
Address:        x.x.132.252#53

Non-authoritative answer:
Name:   mysite2.com
Address: x.x.132.140

[osc at frag ~]$ 


// primary name server /etc/named.conf
acl secondaries {
    <secondary ip addr>; /* our secondary ns ip addr */
};

acl trusted {
    127.0.0.1;
    192.168.2.0/24;
    192.168.1.0/24;
    y.y.132.128/25;
    y.y.52.1;
};

acl drop {
   z.0.0.0/24;
};

logging {
    channel my_syslog {
       syslog local2;
       severity debug;
    };

    category default { my_syslog; };
    category lame-servers { null; };
};


options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    statistics-file "/var/run/named/named.stats";
    datasize 64M;
    cleaning-interval 5;
    transfer-format many-answers;
    max-transfer-time-in 60;
    interface-interval 0;

    allow-transfer { 
       secondaries;
    };

    allow-query {
       trusted;
    };

    blackhole {
       drop;
    };
};


view "all-in-one" in {
    allow-query { any; };
    match-clients { any; };
    recursion yes;
    allow-recursion {
       trusted;
    };

    additional-from-auth yes;
    additional-from-cache yes;

    zone "." in {
       type hint;
       file "root.cache";
    };

    zone "127.in-addr.arpa" in {
       type master;
       file "master/127.in-addr.arpa";
       allow-query {
          any;
       };
       allow-transfer {
          none;
       };
    };

    zone "localhost" in {
      type master;
      allow-query { any; };
      file "master/localhost";
    };

    zone "0.in-addr.arpa" {
      type master;
      allow-query { any; };
      file "master/0.in-addr.arpa";
    };
    zone "255.in-addr.arpa" {
      type master;
      allow-query { any; };
      file "master/255.in-addr.arpa";
    };

    zone "com." {
       type delegation-only;
    };
    zone "net." {
       type delegation-only;
    };
    zone "0.168.192.in-addr.arpa" IN {
       type master;
       file "master/0.168.192.in-addr.arpa";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "1.168.192.in-addr.arpa" IN {
       type master;
       file "master/1.168.192.in-addr.arpa";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "2.168.192.in-addr.arpa" IN {
       type master;
       file "master/2.168.192.in-addr.arpa";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "5.168.192.in-addr.arpa" IN {
       type master;
       file "master/5.168.192.in-addr.arpa";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite.com" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite2.com" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "test.mysite.com" IN {
       type master;
       file "master/test.mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "test.mysite3.com" IN {
       type master;
       file "master/test.mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite.cn" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite1.cn" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite2.cn" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "mysite3.cn" IN {
       type master;
       file "master/mysite.com";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };
    zone "128-255.132.x.x.in-addr.arpa" IN {
       type master;
       file "master/128-255.132.x.x.in-addr.arpa";
       allow-update { none; };
       allow-transfer { secondaries; };
       notify yes;
    };

};

view tighten-chaos chaos {
    match-clients { any; };
    recursion no;
    zone "." chaos { 
       type hint; 
       file "/dev/null";
    };
    zone "bind" chaos {
       type master;
       file "master/bind.chaos";
       allow-query { none; };
       allow-transfer { none; };
    };
};

key "xxxx" {
         algorithm xxxx;
         secret "xxxxx";
};


// secondary name server /etc/named.conf
acl secondaries {
    localhost;
};

acl trusted {
    localhost;
    192.168.2.0/24;
    192.168.1.0/24;
    y.y.132.128/25;
};

acl drop {
   z.0.0.0/24;
};

logging {
    channel my_syslog {
       syslog local2;
       severity debug;
    };
    category default { my_syslog; };
    category lame-servers { null; };
};

options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    statistics-file "/var/run/named/named.stats";
    datasize 64M;
    cleaning-interval 5;
    transfer-format many-answers;
    max-transfer-time-in 60;
    interface-interval 0;
    allow-transfer { 
       secondaries;
    };
    allow-query {
       trusted;
    };
    blackhole {
       drop;
    };
};

view "all-in-one" in {
    allow-query { any; };
    match-clients { any; };
    recursion yes;
    allow-recursion {
       trusted;
    };
    additional-from-auth yes;
    additional-from-cache yes;

    zone "." in {
       type hint;
       file "root.cache";
    };
    zone "127.in-addr.arpa" in {
       type master;
       file "master/127.in-addr.arpa";
       allow-query {
          any;
       };
       allow-transfer {
          none;
       };
    };
    zone "localhost" in {
       type master;
       allow-query { any; };
       file "master/localhost";
    };
    zone "0.in-addr.arpa" {
       type master;
       allow-query { any; };
       file "master/0.in-addr.arpa";
    };
    zone "255.in-addr.arpa" {
       type master;
       allow-query { any; };
       file "master/255.in-addr.arpa";
    };
    zone "com." {
       type delegation-only;
    };
    zone "net." {
       type delegation-only;
    };
    zone "0.168.192.in-addr.arpa" IN {
       type slave;
       file "slave/0.168.192.in-addr.arpa";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };
    zone "1.168.192.in-addr.arpa" IN {
       type slave;
       file "slave/1.168.192.in-addr.arpa";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };
    zone "2.168.192.in-addr.arpa" IN {
       type slave;
       file "slave/2.168.192.in-addr.arpa";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };
    zone "5.168.192.in-addr.arpa" IN {
       type slave;
       file "slave/5.168.192.in-addr.arpa";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };

    zone "mysite.com" IN {
       type slave;
       file "slave/mysite.com";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };
    zone "test.mysite.com" IN {
       type slave;
       file "slave/test.mysite.com";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };
    zone "128-255.132.x.x.in-addr.arpa" IN {
       type slave;
       file "slave/128-255.132.x.x.in-addr.arpa";
       masters {  <primary name server ip>; };
       allow-transfer { none; };
       notify no;
    };

};

view tighten-chaos chaos {
    match-clients { any; };
    recursion no;

    zone "." chaos { 
       type hint; 
       file "/dev/null";
    };

    zone "bind" chaos {
       type master;
       file "master/bind.chaos";
       allow-query { none; };
       allow-transfer { none; };
    };
};

key "xxxx" {
    algorithm xxxx;
    secret "xxxxxxxx";
};


-- 
Want an e-mail address like mine?
Get a free e-mail account today at www.mail.com!



More information about the bind-users mailing list