Getting dynamic entries into their db files

Martin McCormick martin at dc.cis.okstate.edu
Sat Jun 27 13:59:56 UTC 2009 

Mark Andrews writes:
>         Have you really thought about this?  The correct way to
>         backup the DNS is to use slaves.  If all is going well you
>         will only loose a minute or two of changes.  You really
>         don't want to roll back to what is in backup tapes.

	At our site, I administer several FreeBSD and Linux
boxes. Several of the FreeBSD boxes run slaves for the express
purpose of disaster recovery. If you make sure that all the zone
files' names for your slaves exactly match the files used for the
master zones, you can promote one of the slaves to be a master
providing you save your master DNS's configuration files on the
slaves, maybe in a tar ball that you refresh each day via cron.

	Your tar ball needs to not overwrite the actual zone
data as this would totally defeat the purpose, but it does need
to overwrite the present named configuration so as to be come
the new master.

	What you do about coming up on your master's address is
totally up to you, but you could use a virtual interface if the
slave is on the same subnet as was the master, or you could
conceivably reconfigure the interface temporarily if possible,
but the object is to have a presence on the IP address of your
master so you can resume dynamic control.

	We actually did loose our master one evening as all were
going home for the day. The FreeBSD box that was our master had
the OS on one drive and /var on another. The boot drive died so
bind actually continued to work but we had no control any
longer. In order to bring the new slave up to master status, we
had to physically disconnect the Ethernet interface of the
master.

	The slave promotion worked except I discovered the value
of checking all file names before hand. One was wrong and, well,
that's another war story. The main thing is that each slave is a
perfect backup for your whole operation. It takes very little
effort to set them up and almost no maintenance afterwards. They
just run themselves quite nicely.

Martin McCormick

More information about the bind-users mailing list