primary & secondary dns-servers

phn at icke-reklam.ipsec.nu
Wed Feb 12 09:42:39 UTC 2003


Anoop Aryal <aaryal at foresightint.com> wrote:
> On Fri, 31 Jan 2003 01:44:14 +0000, Mark_Andrew wrote:

>> 
>>> Hi,
>>> 
>>> I have 2 nameservers:
>>> ns1.sadjieds-network.com (80.126.40.182) (in network: 192.168.0.1) <-- my pc
>>> ns2.sadjieds-network.com (81.23.237.234) (not in network) <-- my dedicated
>>> server
>>> 
>>> When I put a line in to my /var/named/sadjieds-network.com.hosts or
>>> /etc/named.conf, how can it be automatically updated on
>>> ns2.sadjieds-network.com ??
>> 
>> 	Well when you change the contents of
>> 	/var/named/sadjieds-network.com.hosts you should also be updating
>> 	the serial number.  When the zone is reloaded the nameserver will
>> 	send out a NOTIFY to ns2.sadjieds-network.com which will trigger
>> 	a refresh probe.  If the NOTIFY is lost then ns2.sadjieds-network.com
>> 	will perform a refresh probe based on the timers in the SOA record.
>> 
>> 	If you are adding a zone you need to update both named.confs.
>>  
>> 	Mark

> i have two servers (ns1 and ns2) both running DHCP and BIND. the purpose
> being failover and dynamic DNS (forward and reverse). As of right now, i
> have ns2 as the slave which correctly gets NOTIFY-ed of update to the
> appropriate zones and so both the name servers are in sync. the only way
> that i could figure out to configure the DHCP was to make it make update
> to the primary name server (ns1) with the following configuration:
> zone mydomain.com.{
> 	primary ns1;
> 	key XYZ;
> }
> on both ns1 and ns2. ie., both the DHCP servers update BIND on ns1 which
> then notifies BIND on ns2. but now i have a single point of failure. if
> BIND on ns1 dies, neither DHCP servers can make updates. is there a way to
> have DHCP make update to either server (BIND on ns1 and ns2)? is there any
> other way for me to get rid of this single point of failure?

> thanks,
> Anoop

No.  See it like this: the client trying the DHCP/DYNUPDATE is a singular
failure point!  So you can make the whole chain redundant and still
get failures.

What could be done in your case is twofold:
1/ stop using DYNUPDATE, instead create fixed matching forward/reverse DNS
entries ( sa dhcp-1.org.tld ). No application, as far as I am aware,
needs that DNS and the local hostname agree.

2/ set up two non-overlapping DHCP servers, then let the clients
choose for themselves.




-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
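
Added example, not part of the original post or of BIND: the quoted reply says the serial must be updated when the zone file changes, after which ns2 performs a refresh probe. The Python sketch below shows the serial comparison behind that probe (RFC 1982 serial arithmetic on the 32-bit SOA serial); the function names and sample serials are constructed for illustration.

```python
"""Added example: how a secondary decides whether to transfer a zone after a
NOTIFY or a timer-driven refresh probe, using RFC 1982 serial arithmetic."""

MOD = 1 << 32    # the SOA serial is an unsigned 32-bit counter
HALF = 1 << 31   # comparison window defined by RFC 1982


def serial_compare(a: int, b: int) -> int:
    """Return 1 if a is newer than b, -1 if older, 0 if equal.

    Raises ValueError when the serials are exactly 2**31 apart, an
    ordering that RFC 1982 leaves undefined."""
    if not (0 <= a < MOD and 0 <= b < MOD):
        raise ValueError("SOA serial must fit in 32 bits")
    diff = (a - b) % MOD
    if diff == 0:
        return 0
    if diff == HALF:
        raise ValueError("serials 2**31 apart: ordering undefined")
    return 1 if diff < HALF else -1


def refresh_probe(primary_serial: int, secondary_serial: int) -> str:
    """What the secondary does once it has seen the primary's SOA serial."""
    order = serial_compare(primary_serial, secondary_serial)
    if order > 0:
        return "transfer"   # primary is newer: pull the zone
    if order == 0:
        return "in-sync"    # serials match: no transfer, even if data changed
    return "ignored"        # primary looks older: the edit never propagates


# Constructed sample cases: (primary serial, secondary serial, note)
CASES = [
    (2003021201, 2003021200, "zone edited and serial bumped"),
    (2003021200, 2003021200, "zone edited, serial forgotten"),
    (2003021200, 2003021201, "serial lowered on the primary"),
    (5, 4294967290, "serial wrapped past 2**32"),
]

if __name__ == "__main__":
    for primary, secondary, note in CASES:
        print(f"{note:32} -> {refresh_probe(primary, secondary)}")
```

The second and third cases are the ones worth monitoring for: the primary serves new data while the secondary keeps answering with the old zone.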

