master and slave on the same server - problem
Kevin Darcy
kcd at daimlerchrysler.com
Thu Sep 22 22:56:58 UTC 2005
Rajesh Bandar wrote:
>Thank you very much, Kevin, for the reply. As you suggested, I have
>installed BIND 9.3.1 on Solaris 9.
>I am running both master and slave on the same machine. But I am
>having a problem with the slave server.
>If I make any changes to the zone file on the master server, they
>should be transferred to the slave.
>But that is not happening on the slave server.
>named.conf on primary:
>
># Use with the following in named.conf, adjusting the allow list as needed:
>
>key "rndc-key" {
>    algorithm hmac-md5;
>    secret "hfSrOaQxuvUGTEMGOcdxFg==";
>};
>
>controls {
>    inet 127.0.0.1 port 953
>        allow { 127.0.0.1; } keys { "rndc-key"; };
>};
>
>acl "slaves" {
>    134.251.131.50;
>    127.0.0.1;
>    localhost;
>};
>
>options {
>    directory "/var/named"; // Working directory
>    listen-on {134.251.131.56; };
>    allow-transfer { "slaves"; };
>    transfer-source 134.251.131.50;
>    notify-source 134.251.131.50;
>    allow-query { any; }; // This is the default
>    recursion yes; // Do not provide recursive service
>    notify yes;
>    pid-file "/var/run/named.pid";
>    statistics-file "/var/run/named.stats";
>    dump-file "/var/run/named.db";
>    # hide the version number
>    version "[secured]";
>};
>
># The root nameservers
>zone "." {
>    type hint;
>    file "named.root";
>};
>
>zone "localhost" {
>    type master;
>    file "/var/named/zone/localhost.hosts";
>};
>
>zone "127.0.0.in-addr.arpa" {
>    type master;
>    file "/var/named/zone/0.0.127.rev";
>};
>
>zone "au.ap.domain.com" {
>    type master;
>    file "/var/named/zone/au.ap.domain.com.hosts";
>    allow-transfer { "slaves"; };
>};
>
>zone "131.251.134.in-addr.arpa" {
>    type master;
>    file "/var/named/zone/134.251.131.rev";
>    allow-transfer { "slaves"; };
>};
>
>named.conf.slave file (slave config)
>
># Use with the following in named.conf, adjusting the allow list as needed:
>
>key "rndc-key" {
>    algorithm hmac-md5;
>    secret "ra4L34V90UX8uMphiEW2Kw==";
>};
>
>controls {
>    inet 127.0.0.1 port 954
>        allow { 127.0.0.1; } keys { "rndc-key"; };
>};
>
># End of named.conf
>
>options {
>    directory "/var/named/slave"; // Working directory
>    listen-on {134.251.131.50; };
>    allow-query { any; }; // This is the default
>    recursion yes; // Do not provide recursive service
>    pid-file "/var/run/namedlave.pid";
>    statistics-file "/var/run/namedslave.stats";
>    dump-file "/var/run/namedslave.db";
>    # hide the version number
>    version "[secured]";
>};
>
># The root nameservers
>zone "." {
>    type hint;
>    file "named.root";
>};
>
>zone "localhost" {
>    type master;
>    file "/var/named/slave/localhost.hosts";
>};
>
>zone "127.0.0.in-addr.arpa" {
>    type master;
>    file "/var/named/slave/0.0.127.rev";
>};
>
>zone "au.ap.domain.com" {
>    type slave;
>    file "/var/named/slave/au.ap.domain.com.slave";
>    masters { 134.251.131.56; };
>};
>
>I am running 2 named instances for master and slave.
>
>root at cluster2/var/named/slave > ps -ef|grep name
>root 10225 1 0 00:17:04 ? 0:00 /usr/sbin/in.named -c /etc/named.conf.slave
>root 10171 1 0 00:04:31 ? 0:00 /usr/sbin/in.named -c /etc/named.conf
>
>zone file on master server I updated:
>
>$ttl 38400
>au.ap.domain.com. IN SOA ns1.au.ap.domain.com. rajesh\.bandar.domain.com. (
>        2005092301
>        10800
>        60
>        604800
>        38400 )
>au.ap.domain.com. IN NS ns1.au.ap.domain.com.
>au.ap.domain.com. IN NS ns2.au.ap.domain.com.
>au.ap.domain.com. IN NS ns3.au.ap.domain.com.
>ns1.au.ap.domain.com. IN A 134.251.131.56
>ns2.au.ap.domain.com. IN A 134.251.131.61
>ns3.au.ap.domain.com. IN A 134.251.131.50
>test.au.ap.domain.com. IN A 172.16.0.1
>test1.au.ap.domain.com. IN A 172.16.0.2
>test2.au.ap.domain.com. IN A 172.16.0.3
>test3.au.ap.domain.com. IN A 172.16.0.4
>test4.au.ap.domain.com. IN A 172.16.0.5
>test5.au.ap.domain.com. IN A 172.16.0.6
>
>Why is the slave not getting the updates?

I assume you're incrementing the serial # and reloading the zone on the
master, when you make a change, right (or using Dynamic Update, which
does these things automatically)?

If so, then I would point out that you have your notify-source set to
the listen address of the slave instead of the master. By default,
slaves only respect NOTIFYs that come from the master address. So the
slave is probably ignoring the NOTIFYs and it could take up to 3 hours
(your REFRESH setting) for any changes to propagate "naturally".

Is there any particular reason why you set notify-source to the address
of the slave instance? As for transfer-source, I don't know why you felt
the need to set that explicitly (also to the slave instance's address),
since you don't even slave any zones in that (master) instance...

Note that you can use the -b option on later versions of dig to
test/troubleshoot ordinary queries and zone transfers between nameserver
instances on the same box.

- Kevin
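
Added example (not part of the original message and not BIND's own code): a small Python check, run over constructed excerpts of the two configs quoted above, that flags a slave zone whose masters and allow-notify lists do not contain the master's notify-source address. The function names and the regex-based parsing are assumptions made for illustration; it handles IPv4 literals only and does not expand named ACLs.

```python
import re

# Constructed excerpts mirroring the two configs quoted in the thread.
MASTER_CONF = '''
options {
    listen-on { 134.251.131.56; };
    notify-source 134.251.131.50;   // as posted
    notify yes;
};
zone "au.ap.domain.com" { type master; file "zone/au.ap.domain.com.hosts"; };
'''
SLAVE_CONF = '''
options { listen-on { 134.251.131.50; }; };
zone "au.ap.domain.com" {
    type slave;
    file "au.ap.domain.com.slave";
    masters { 134.251.131.56; };
};
'''

COMMENT = re.compile(r'//[^\n]*|#[^\n]*|/\*.*?\*/', re.S)
ZONE = re.compile(r'zone\s+"([^"]+)"\s*\{((?:[^{}]|\{[^{}]*\})*)\}')
IPV4 = r'\d{1,3}(?:\.\d{1,3}){3}'

def addr_list(body, keyword):
    """IPv4 addresses inside `keyword { ...; };` (empty set if absent)."""
    m = re.search(r'\b' + re.escape(keyword) + r'\s*\{([^}]*)\}', body)
    return set(re.findall(IPV4, m.group(1))) if m else set()

def notify_problems(master_conf, slave_conf):
    """Map each slave zone that would ignore the master's NOTIFY to a reason."""
    master = COMMENT.sub('', master_conf)
    slave = COMMENT.sub('', slave_conf)
    # Assumption: with no explicit notify-source the OS picks the source
    # address, which the config alone cannot tell us, so nothing is reported.
    src = re.search(r'\bnotify-source\s+(' + IPV4 + r')', master)
    problems = {}
    for name, body in ZONE.findall(slave):
        if src is None or not re.search(r'\btype\s+slave\b', body):
            continue
        accepted = addr_list(body, 'masters') | addr_list(body, 'allow-notify')
        if src.group(1) not in accepted:
            problems[name] = (f'NOTIFY source {src.group(1)} not in '
                              f'masters/allow-notify {sorted(accepted)}')
    return problems

if __name__ == '__main__':
    print(notify_problems(MASTER_CONF, SLAVE_CONF))
```

The result is empty once notify-source is the master instance's own address (134.251.131.56 here), or once the slave zone lists the sending address in allow-notify.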