using $INCLUDE with views
Stefan Puiu
stefan.puiu at gmail.com
Tue Oct 10 08:27:34 UTC 2006
On 10/9/06, Bill Moseley <moseley at hank.org> wrote:
> No, I don't think I'm mixing them up. I'm using the views so my
> internal LAN sees a (slightly) different zone than the rest of the
> world.
In your first email you didn't mention that you had a slave server for
the internal/external version of the zone that was failing to fetch
the updated one. That was confusing. Also, see below.
> Nothing was reported in the logs other than normal startup and
> transfer notifications. And the SOA was the first record in the
> included file.
>
>
> That is, the zones looked like this:
>
> ; Hank.org external zone file
> $INCLUDE /etc/bind/hank.org.common
>
> ; External zone sees extra NS servers
> 1D IN NS ns1.twisted4life.com.
> 1D IN NS lucifer.logilune.com.
I think this is wrong. The 9.2 ARM
(http://www.isc.org/index.pl?/sw/bind/arm92/) says:
<quote>
If origin is specified the file is processed with $ORIGIN set to that
value, otherwise the current $ORIGIN is used.
The origin and the current domain name revert to the values they had
prior to the $INCLUDE once the file has been read.
</quote>
(The quote is from:
http://www.isc.org/sw/bind/arm92/Bv9ARM.ch06.html#id2564906).
The origin should default to 'hank.org.' before inclusion and should
be restored to that. However, I don't think the same goes for the
'current domain'.
In fact, I tried a similar setup (I have BIND 9.2.3 on this machine,
it's not for production purposes), and this is what I see in syslog:
Oct 10 11:21:34 tuxws43 named[9050]: /var/lib/named/foo.common:1: no
TTL specified; using SOA MINTTL instead
Oct 10 11:21:34 tuxws43 named[9050]: dns_master_load: foo.zone:3: no
current owner name
It's obvious the 'foo' zone failed to load. A query for the NS record
of the zone returns SERVFAIL, as expected.
foo.zone:
$INCLUDE "/var/lib/named/foo.common"
IN NS localhost.
foo.common:
@ IN SOA localhost. root (
4 ; serial
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
Basically, very similar to what you have. I'd check those logs once again.
> But, I think it makes sense that the SOA would have to be in the zone
> file and not the $included one -- as any changes in the top zone file
> would require a serial number bump, and, of course, changes can happen
> in the internal view of a zone and not in the external view.
See above - I think you have a different issue here. Normally, I don't
think there should be problems (unless you want to be abel to
dynamically update one version of the zone using DDNS), however, you
have to write the zone file properly - i.e., add an owner to the NS
records after the $INCLUDE:
hank.org. 1D IN NS ns1.twisted4life.com.
1D IN NS lucifer.logilune.com.
HTH,
Stefan.
>
>
>
> --
> Bill Moseley
> moseley at hank.org
>
>
>
More information about the bind-users
mailing list