Primary name server updates propagating to secondary
Oscar Usifer
oscaruser at programmer.net
Mon Jan 28 22:52:24 UTC 2008
Folks,
Our primary name server, (bind-9.3.4) currently set up to resolve
our server host names, needs to propagate changes to our secondary
name server. From nslookup I see that the A records has propagated,
but the SOA record has not. If the primary name server goes off
line, does that imply that the hostname translation will not
resolve? The following is part of our primary and secondary /etc/named.conf file (modified for
illustration purposes). If this is the case, how can I cause our secondary NS to list the SOA record?
Thanks,
-OSC
osc at frag ~]$ nslookup mysite2.com primary_ns
Server: primary_ns
Address: x.x.132.253#53
Name: mysite2.com
Address: x.x.132.140
[osc at frag ~]$ nslookup mysite2.com secondary_ns
Server: secondary_ns
Address: x.x.132.252#53
Non-authoritative answer:
Name: mysite2.com
Address: x.x.132.140
[osc at frag ~]$
// primary name server /etc/named.conf
acl secondaries {
<secondary ip addr>; /* our secondary ns ip addr */
};
acl trusted {
127.0.0.1;
192.168.2.0/24;
192.168.1.0/24;
y.y.132.128/25;
y.y.52.1;
};
acl drop {
z.0.0.0/24;
};
logging {
channel my_syslog {
syslog local2;
severity debug;
};
category default { my_syslog; };
category lame-servers { null; };
};
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
statistics-file "/var/run/named/named.stats";
datasize 64M;
cleaning-interval 5;
transfer-format many-answers;
max-transfer-time-in 60;
interface-interval 0;
allow-transfer {
secondaries;
};
allow-query {
trusted;
};
blackhole {
drop;
};
};
view "all-in-one" in {
allow-query { any; };
match-clients { any; };
recursion yes;
allow-recursion {
trusted;
};
additional-from-auth yes;
additional-from-cache yes;
zone "." in {
type hint;
file "root.cache";
};
zone "127.in-addr.arpa" in {
type master;
file "master/127.in-addr.arpa";
allow-query {
any;
};
allow-transfer {
none;
};
};
zone "localhost" in {
type master;
allow-query { any; };
file "master/localhost";
};
zone "0.in-addr.arpa" {
type master;
allow-query { any; };
file "master/0.in-addr.arpa";
};
zone "255.in-addr.arpa" {
type master;
allow-query { any; };
file "master/255.in-addr.arpa";
};
zone "com." {
type delegation-only;
};
zone "net." {
type delegation-only;
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "master/0.168.192.in-addr.arpa";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "master/1.168.192.in-addr.arpa";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "2.168.192.in-addr.arpa" IN {
type master;
file "master/2.168.192.in-addr.arpa";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "5.168.192.in-addr.arpa" IN {
type master;
file "master/5.168.192.in-addr.arpa";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite.com" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite2.com" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "test.mysite.com" IN {
type master;
file "master/test.mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "test.mysite3.com" IN {
type master;
file "master/test.mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite.cn" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite1.cn" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite2.cn" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "mysite3.cn" IN {
type master;
file "master/mysite.com";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
zone "128-255.132.x.x.in-addr.arpa" IN {
type master;
file "master/128-255.132.x.x.in-addr.arpa";
allow-update { none; };
allow-transfer { secondaries; };
notify yes;
};
};
view tighten-chaos chaos {
match-clients { any; };
recursion no;
zone "." chaos {
type hint;
file "/dev/null";
};
zone "bind" chaos {
type master;
file "master/bind.chaos";
allow-query { none; };
allow-transfer { none; };
};
};
key "xxxx" {
algorithm xxxx;
secret "xxxxx";
};
// secondary name server /etc/named.conf
acl secondaries {
localhost;
};
acl trusted {
localhost;
192.168.2.0/24;
192.168.1.0/24;
y.y.132.128/25;
};
acl drop {
z.0.0.0/24;
};
logging {
channel my_syslog {
syslog local2;
severity debug;
};
category default { my_syslog; };
category lame-servers { null; };
};
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
statistics-file "/var/run/named/named.stats";
datasize 64M;
cleaning-interval 5;
transfer-format many-answers;
max-transfer-time-in 60;
interface-interval 0;
allow-transfer {
secondaries;
};
allow-query {
trusted;
};
blackhole {
drop;
};
};
view "all-in-one" in {
allow-query { any; };
match-clients { any; };
recursion yes;
allow-recursion {
trusted;
};
additional-from-auth yes;
additional-from-cache yes;
zone "." in {
type hint;
file "root.cache";
};
zone "127.in-addr.arpa" in {
type master;
file "master/127.in-addr.arpa";
allow-query {
any;
};
allow-transfer {
none;
};
};
zone "localhost" in {
type master;
allow-query { any; };
file "master/localhost";
};
zone "0.in-addr.arpa" {
type master;
allow-query { any; };
file "master/0.in-addr.arpa";
};
zone "255.in-addr.arpa" {
type master;
allow-query { any; };
file "master/255.in-addr.arpa";
};
zone "com." {
type delegation-only;
};
zone "net." {
type delegation-only;
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "slave/0.168.192.in-addr.arpa";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slave/1.168.192.in-addr.arpa";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "2.168.192.in-addr.arpa" IN {
type slave;
file "slave/2.168.192.in-addr.arpa";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "5.168.192.in-addr.arpa" IN {
type slave;
file "slave/5.168.192.in-addr.arpa";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "mysite.com" IN {
type slave;
file "slave/mysite.com";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "test.mysite.com" IN {
type slave;
file "slave/test.mysite.com";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
zone "128-255.132.x.x.in-addr.arpa" IN {
type slave;
file "slave/128-255.132.x.x.in-addr.arpa";
masters { <primary name server ip>; };
allow-transfer { none; };
notify no;
};
};
view tighten-chaos chaos {
match-clients { any; };
recursion no;
zone "." chaos {
type hint;
file "/dev/null";
};
zone "bind" chaos {
type master;
file "master/bind.chaos";
allow-query { none; };
allow-transfer { none; };
};
};
key "xxxx" {
algorithm xxxx;
secret "xxxxxxxx";
};
--
Want an e-mail address like mine?
Get a free e-mail account today at www.mail.com!
More information about the bind-users
mailing list