Master <--> slave named.conf "auto-generation"
cbuxton at menandmice.com
Fri Mar 14 16:43:37 UTC 2008
We at Men & Mice have audited installations that use rsync instead of
zone transfers. All changes are done on a staging server, and that
config is then automatically rsync'd to the production servers (all
masters, no slaves) once it passes some sanity tests. Access to the
staging server is controlled and usually monitored/logged, and the
testing and rsyncing operation might be kicked off by the management
system, manually, or by fam.
Of course, we prefer to see installations using our software. But for
those customers who don't trust zone transfers, notify, etc., rsync
works fine. This was the original replication strategy suggested by
Prof. Bernstein for djbdns, and probably is still his first choice.
Men & Mice
On Mar 13, 2008, at 6:27 PM, John Wobus wrote:
> On Mar 13, 2008, at 4:40 AM, bsd wrote:
>> I would like to know if there is a way, whenever a new zone
>> is added to the primary master server, to have the slaves
>> automatically configure themselves with matching slave-zone
>> If not - what are people currently using to acomplish this task?
>> Have you got any good script that could help me achieve that in an
>> "elegant" way?
>> What are the best path to achieve this knowing that I could have
>> master and slave file generated on one server (the master), how would
>> you handle the propagation of the named.conf (slave) file and signal
>> (rndc reload) and the slave?
>> Any other advise / experience / experiment are welcome.
> My experience does not include dynamic DNS, but...
> Sites with large DNS setups often generate their zone files and
> the relevant portions of the named.conf files from a database. The
> app that does this generation transfers the zones and relevant
> to the master and transfers the slave-oriented named.conf to the
> e.g. using rsync, and does the appropriate rndc commands. My site
> If you want to maintain DNS as flat files on one nameserver, a way to
> do it is
> to make the 'slaves' into masters, and transfer an included piece of
> named.conf file as well as all the zone files to them using rsync.
> Then you can
> do all your work on the flat files on one nameserver (the 'primary
> master'?), and run a script
> that does nothing more than transfers files and runs a remote rndc
> command. And notify
> and zone transfer issues never bite you. I've never been at a site
> does exactly this, but I have been at a site that managed three
> identical masters
> from the same database rather than using slaves.
> John Wobus
More information about the bind-users