recovery of zone data from a dynamic upated zone when the server goes down
chrism at sea.checkpoint.com
chrism at sea.checkpoint.com
Wed Nov 7 20:31:45 UTC 2001
Frank,
First and foremost - UPGRADE to a more recent version of BIND,
particularly if you are experiencing crashes. The version that you
have running has *serious* security holes which can be exploited
remotely. Your nameserver crashing for no apparent reason could be a
side-effect of this, and if that is the case, you should probably
analyze that machine for possible intrusions. The current version of
BIND 8 is 8.2.5-REL.
For more information on the security issues, please see:
http://www.isc.org/products/BIND/bind-security.html
You can download BIND 8.2.5-REL from ISC here:
ftp://ftp.isc.org/isc/bind/src/8.2.5/bind-src.tar.gz
You can read the security bulletin from Sun here:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/204
In regards to your question, dynamic updates are stored in a
"non-volatile location" - to disk. Incoming dynamic updates will be
stored in a log file, usually named <name.of.zone.file>.log. This log
file is merged into the db file approximately once per hour, and when
the nameserver is shut down properly.
In the event of a crash, or other improper shutdown, the log file
remains on disk. When the server is restarted, it will then re-process
the updates from the log file, to restore the nameserver to a
"pre-crash" state.
Hope this helps!
- Chris
--
Chris Moore -- chrism at sea.checkpoint.com
Check Point Software Technologies, Inc. -- The Meta IP Group
http://www.checkpoint.com/products/metaip/index.html
On Wed, 07 Nov 2001 11:54:29 "Pozar, Frank" wrote:
- - - For a dynamically updated zone (using Solaris 5.8 bind 8.2.2-P5 on
- master
- nameserver), how would you recover the dns data if the master server
- goes
- down or crashes???
- - Since the db files on disk do not contain the latest nsupdates how
do
- you
- recover if the system goes down.. In previous mail message, the
- up-to-date
- dns zone data is in a "non-volatile storage location". Is this
- cache???
- When you send a nsupdate command it immediately goes here from my
- understanding..So where is this location and how do you back it up ?
- - - Thanks
- Frank
- -
More information about the bind-users
mailing list