Setting up a fake "primary" DNS to feed off another, invisible DNS

Barry Margolin barmar at bbnplanet.com
Thu Aug 26 20:35:29 UTC 1999


In article <8Odx3.6355$ei1.12309 at newsfeeds.bigpond.com>,
Reuben Farrelly <reubie at bigpond.com> wrote:
>I would like to run this script on my own workstation, and not on the
>primary dns (pridns).  Assume that my workstation is accessible by pridns
>and therefore pridns can do zone transfers from me.  I want to be able to
>generate the zones on my workstation, and have pridns and secdns pick up the
>zones, however I do not want my workstation name to appear in the zone
>files, and once the zone transfer is complete to pridns, I want it to act as
>a primary and not contact my workstation to check for updates unless I
>change the record on my workstation, and therefore it gets sent a NOTIFY.
>
>(1) Is this scenario possible, or would I need to configure pridns as a
>secondary?  Configuring it as a secondary may solve the problem, but may
>also turn nasty in the long term if I leave the company and/or someone else
>takes over this role, as the config for pridns would need to be modified a
>lot to change all secondary entries to primary ones

If you want to use zone transfers, you have to make it a secondary server.
You can configure the Refresh time to be very high, so it won't check for
updates from the hidden primary very often.

An alternative is to use some other mechanism to get the files onto pridns,
such as scp.  Then you can configure it as a primary server.  That's what
we do.  We have scripts that build our named.conf and zone files for all
our servers from a database, and they use rsync to copy the files onto the
appropriate servers.

>(2) Pridns and secdns are running BIND 8.12, but I am running BIND 8.21 on
>my workstation.  Will specifying $TTL in my workstation zone files affect
>the behaviour of pridns?   [Am I correct in assuming that the $TTL field
>won't be transferred as part of the zone transfer?]  Incidentally, what
>would happen if all of the DNS's were running 8.21, does the $TTL value get
>transferred then?  Remember that I really want pridns to act and be
>configured as a primary :>

$TTL doesn't get transferred.  Zone transfers just transfer resource
records.  $<directive> lines in zone files are used by BIND to tell it how
to interpret the rest of the file.

>(3) Can I add new zones to pridns by generating them on my own workstation
>and then allowing BIND to issue a NOTIFY, or will this only work on zones
>which are already specified in the primary file?  Will this work or not work
>for the secdns as well?

It will only work for zones that are already in pridns's and secdns's
named.conf file.  To create a new zone on a server you have to edit
named.conf.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
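
An added illustration of the $TTL answer above (not part of the original post, and not BIND's code): a minimal zone-file reader that applies $TTL and $ORIGIN and returns only the resource records, each with an explicit TTL, which is all a zone transfer carries. The sample zone, its names and addresses are constructed placeholders, and the parser assumes single-line records with absolute names in the record data.

```python
# Added example: apply zone-file directives the way a loading server does,
# leaving only resource records with explicit TTLs (what a transfer carries).
SAMPLE_ZONE = """\
$TTL 3600
$ORIGIN example.com.
@       IN SOA pridns.example.com. hostmaster.example.com. ( 1999082601 604800 3600 1209600 3600 )
@       IN NS  pridns.example.com.
        IN NS  secdns.example.com.   ; owner inherited from previous line
pridns  IN A   192.0.2.1
secdns  300 IN A 192.0.2.2
"""  # constructed sample; the workstation (hidden primary) is not listed

def absolute(name, origin):
    """Qualify a relative owner name against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def expand_zone(text):
    """Return (owner, ttl, class, type, rdata) tuples with directives applied."""
    origin, default_ttl, last_owner, records = ".", None, None, []
    for raw in text.splitlines():
        # Drop comments; parentheses only group fields on these one-line records.
        line = raw.split(";", 1)[0].replace("(", " ").replace(")", " ")
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "$TTL":        # directive: changes parsing state only
            default_ttl = int(fields[1])
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0].startswith("$"):
            raise ValueError(f"directive not handled in this sketch: {fields[0]}")
        # A line starting with whitespace reuses the previous owner name.
        owner = last_owner if raw[0].isspace() else absolute(fields.pop(0), origin)
        last_owner, ttl = owner, default_ttl
        for _ in range(2):             # optional TTL and class, in either order
            if fields[0].isdigit():
                ttl = int(fields.pop(0))
            elif fields[0].upper() == "IN":
                fields.pop(0)
        if ttl is None:
            raise ValueError(f"no TTL for {owner}: no $TTL seen and none on the record")
        records.append((owner, ttl, "IN", fields[0], " ".join(fields[1:])))
    return records

if __name__ == "__main__":
    for rr in expand_zone(SAMPLE_ZONE):
        print(*rr)
```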

