DDNS conflict with zone update

Mark Andrews Mark_Andrews at isc.org
Sun Jul 6 23:49:03 UTC 2008


> Hi

> I got a configuration of two nameservers, a master (192.168.0.5) and a
> slave (192.168.0.1). The slave nameserver was first configured to ddns
> with dhcp3-server (it was working flawlessly). Then I added the master
> nameserver and the zone updates between master and slave would only
> work if ddns was commented out.  I can paste both full configurations if
> necessary, but the master/slave setup is pretty straightforward.
> 
> named.conf.locale @ Master-nameserver:
> 	zone "utysket.dk" {
>         	type master;
>         	file "utysket.dk.zone";
>         	notify yes;
>         	allow-transfer { key MasterSlave; };
> 	};
> 
> named.conf.locale @ Slave-nameserver:
>         zone "utysket.dk" {
>                 type slave;
>                 masters { 192.168.0.5; };
>                 allow-notify { 192.168.0.5; };
>         #        allow-update { key "ddns-key"; };
>                 file "utysket.dk.zone";
>                 notify yes;
>         };
> 
> Is it conflicting to have two sources updating the zone-file? Another
> thing regarding ddns and my setup. DDNS increases the serial in the
> slave's zone file. So if there are enough dhcp changes the serial can
> exceed the serial of the master name-server's zone file. Is it just a
> matter of setting the serial high enough or is it generally a bad idea
> to have ddns on only the slave?
> 
> /Lars

	Updates *have* to go to the master, either directly or as
	the result of the update being forwarded by the slave.

	As you are using TSIG to do the updates you can just turn
	on forwarding in the slave.

		allow-update-forwarding { any; };

	It is a configuration error to have an allow-update clause
	in a slave zone.

	Mark
	
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
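
The two zone stanzas from this thread with the advice in the reply applied, as an added example that is not part of either message. It assumes the "ddns-key" used by dhcp3-server is also defined on the master; the key algorithm and secret shown are placeholders, not values from the thread.

```conf
// ---- Master (192.168.0.5) ----
// Assumption: the same TSIG key the DHCP server signs its updates with.
// Algorithm and secret are placeholders and must match the DHCP side.
key "ddns-key" {
        algorithm hmac-sha256;            // placeholder
        secret "REPLACE_WITH_BASE64_SECRET";  // placeholder
};

zone "utysket.dk" {
        type master;
        file "utysket.dk.zone";
        notify yes;
        allow-transfer { key MasterSlave; };
        // The master is the only place updates are applied, so the
        // authorization decision (TSIG check) is made here.
        allow-update { key "ddns-key"; };
};

// ---- Slave (192.168.0.1) ----
zone "utysket.dk" {
        type slave;
        masters { 192.168.0.5; };
        allow-notify { 192.168.0.5; };
        file "utysket.dk.zone";
        notify yes;
        // No allow-update here. The slave only relays the signed update
        // to the master; it does not verify or apply it itself.
        // "any" is the value from the reply; the ACL can be narrowed to
        // the DHCP server's address, since forwarded updates reach the
        // master from the slave's address and only TSIG identifies the
        // real sender.
        allow-update-forwarding { any; };
};
```

With this layout every dynamic update increments the serial on the master, and the slave receives the change by the normal notify and zone transfer path, so the slave's serial cannot run ahead of the master's.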

