bind slave not get DNS update

Steve Zeng SteveZ at
Wed Jan 5 01:28:58 UTC 2011

Do you mean rndc? I do have it running:

tcp        0      0     *                   LISTEN      8341/named


From: Paul Ooi Cong Jen [mailto:paulooi at] 
Sent: Tuesday, January 04, 2011 5:11 PM
To: Steve Zeng
Cc: bind-users at
Subject: Re: bind slave not get DNS update

Hi Steve, 

Do you have rndc key running on your bind? 

Paul Ooi

On 05-Jan-2011, at 8:43 AM, Steve Zeng wrote:

We have had a BIND DNS master and a Windows DNS slave running for a while. I recently configured a second DNS slave running on Linux/CentOS. When I stop/start the second DNS slave, it gets all zone files correctly. However, it does not get updates when I make a zone file modification and increase the sn on the master. The odd thing is, I don't see any xfer-out log on the master (I do see the xfer-out log for the Windows DNS slave, though). Googling around and searching the BIND mailing list archive does not give much of a clue either. Any hint is greatly appreciated.

BIND MASTER (bind-9.3.1-20.FC4):
options {                                                        # this section sets the default options
        directory "/var/named";                 # directory where the zone files will reside
        listen-on {
                A.A.A.A;                                         # public IP address of the local interface to listen
      ;                         # private IP address of the local interface to listen
        auth-nxdomain no;                           # conform to RFC1035
        notify yes;                                            # enable AA notifies
        allow-notify { none; };
        allow-query { any; };                         # allow anyone to issue queries
        recursion no;                                       # disallow recursive queries unless over-ridden below
        version "0";                                          # obscures version reporting - can't hurt
        zone-statistics yes;
        statistics-file                                        "/var/named/statistics/named_stats.txt";
  channel simple_log {
    file "log/bind.log" versions 3 size 50m;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
  category default{
view "office" {
        match-clients { office_networks; };     # match hosts in acl "office_networks" above
        recursion yes;                          # allow recursive queries
        notify-source * port 53;
        allow-transfer { B.B.B.0/24; C.C.C.0/24};
        also-notify {
                B.B.B.B;                                # public IP of first DNS slave(windows DNS)
                C.C.C.C;                                # public IP of second DNS slave(Linux BIND DNS)
        zone "" in {
                type master;
                file "office/";

BIND SLAVE (bind-9.3.6-4.P1.el5_5.3):
        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;
        // Put files that named is allowed to write in the data/ directory:
        directory               "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
                A.A.A.A;               # public IP of master
/*      If you want to enable debugging, eg. using the 'rndc trace' command,
 *      named will try to write the '' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
        channel default_debug {
                file "data/";
                // severity dynamic;
                severity info;
view "office"
/* This view will contain zones you want to serve only to "internal" clients
   that connect via your directly attached LAN interfaces - "localnets" .
        match-clients           { localnets; };
        recursion yes;
        // all views must contain the root hints zone:
        include "/etc/named.root.hints";
        include "/etc/named.rfc1912.zones";
        // you should not serve your rfc1912 names to non-localhost clients.
        // These are your "authoritative" internal zones, and would probably
        // also be included in the "localhost_resolver" view above :
        zone "" {
                type slave;
                file "slaves/";
                masters {
                        /* put master nameserver IPs here */
                } ;