Strange behaviour after nsupdate
Kevin Oberman
oberman at es.net
Tue Nov 9 23:00:14 UTC 2010
> Date: Tue, 09 Nov 2010 13:34:41 -0800
> From: Eric Ham <ericham at usc.edu>
> Sender: bind-users-bounces+oberman=es.net at lists.isc.org
>
> On 11/ 9/10 01:25 PM, Christian Ruppert wrote:
> > On 11/09/2010 10:11 PM, Christian Ruppert wrote:
> >> Hey guys,
> >>
> >> I have a zone that I update remotely via nsupdate. When I update the
> >> zone and query it internal (view) I get the correct answer but when I do
> >> a query from outside I still get the old A record.
> >> So the same nameserver gives different answers.
> >>
> >> "dig my.zone.tld A +short @ns.zone.tld".
> >>
> >> I have a internal view as well as a external view. The biggest
> >> difference between those two is that the external view has recursion,
> >> additional-from-auth and additional-from-cache disabled.
> >>
> >> Both views include the hint (root.cache) and the same zones.conf.
> >> The internal view includes additionally 127.in-addr.arpa and a localhost
> >> zone.
> >>
> >> ls -l /etc/bind/dyn/my.zone.tld.zone*
> >> -rw-r--r-- 1 named named 386 2010-11-07 11:22
> >> /etc/bind/dyn/my.zone.tld.zone
> >> -rw-rw---- 1 root named 2636 2010-11-07 11:08
> >> /etc/bind/dyn/my.zone.tld.zone.jnl
> >>
> >> Any ideas what could be wrong?
> >>
> >
> > I forgot to mention that I use bind-9.7.2-P2.
> > Removing the journal (as a workaround for now) helps although it's no
> > solution.
> > The nsupdate commands are:
> > server ns.zone.tld
> > zone my.zone.tld
> > update delete my.zone.tld <TTL> A <OLDIP>
> > update add my.zone.tld <TTL> A <NEWIP>
> > send
>
> You are sharing 1 zone file between 2 views? If so, I don't think this
> is recommended.
This was just discussed on the list.
If you are doing dynamic updates, having 2 views using the same zone
file will not work right. It looks to me like you have demonstrated
this.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the bind-users
mailing list