primary & secondary dns-servers
phn at icke-reklam.ipsec.nu
Wed Feb 12 09:42:39 UTC 2003
Anoop Aryal <aaryal at foresightint.com> wrote:
> On Fri, 31 Jan 2003 01:44:14 +0000, Mark_Andrew wrote:
>>
>>> Hi,
>>>
>>> I have 2 nameservers:
>>> ns1.sadjieds-network.com (80.126.40.182) (in network: 192.168.0.1) <-- my pc
>>> ns2.sadjieds-network.com (81.23.237.234) (not in network) <-- my dedicated
>>> server
>>>
>>> When I put a line in to my /var/named/sadjieds-network.com.hosts or
>>> /etc/named.conf, how can it be automatically updated on
>>> ns2.sadjieds-network.com ??
>>
>> Well when you change the contents of
>> /var/named/sadjieds-network.com.hosts you should also be updating
>> the serial number. When the zone is reloaded the nameserver will
>> send out a NOTIFY to ns2.sadjieds-network.com which will trigger
>> a refresh probe. If the NOTIFY is lost then ns2.sadjieds-network.com
>> will perform a refresh probe based on the timers in the SOA record.
>>
>> If you are adding a zone you need to update both named.confs.
>>
>> Mark
> i have two servers (ns1 and ns2) both running DHCP and BIND. the purpose
> being failover and dynamic DNS (forward and reverse). As of right now, i
> have ns2 as the slave which correctly gets NOTIFY-ed of update to the
> appropriate zones and so both the name servers are in sync. the only way
> that i could figure out to configure the DHCP was to make it make update
> to the primary name server (ns1) with the following configuration:
> zone mydomain.com.{
> primary ns1;
> key XYZ;
> }
> on both ns1 and ns2. ie., both the DHCP servers update BIND on ns1 which
> then notifies BIND on ns2. but now i have a single point of failure. if
> BIND on ns1 dies, neither DHCP servers can make updates. is there a way to
> have DHCP make update to either server (BIND on ns1 and ns2)? is there any
> other way for me to get rid of this single point of failure?
> thanks,
> Anoop
No. See it like this: the client trying the DHCP/DYNUPDATE is a singular
failure point! So you can make the whole chain redundant and still
get failures.
What could be done in your case is twofold:
1/ stop using DYNUPDATE, instead create fixed matching forward/reverse DNS
entries (as dhcp-1.org.tld). No application is, as far as i am aware,
needing that dns and the local hostname agree.
2/ set up two non-overlapping DHCP servers, then let the clients
choose for themselves.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
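
The serial/NOTIFY/refresh behaviour described in the quoted replies can be checked from the SOA records of both servers. The following is an added example, not part of the original posts: it compares the two serials using RFC 1982 serial arithmetic and reports whether the secondary is current. The zone names and SOA lines are constructed sample data in the format printed by `dig +short SOA <zone> @<server>`.

```python
# Added example: decide from two SOA records whether a secondary is in sync.
# All SOA lines used here are constructed sample data, not real zones.
from typing import NamedTuple

class Soa(NamedTuple):
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def parse_soa(line: str) -> Soa:
    """Parse 'mname rname serial refresh retry expire minimum'."""
    parts = line.split()
    if len(parts) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(parts)}: {line!r}")
    nums = [int(p) for p in parts[2:]]
    if not 0 <= nums[0] < 2**32:
        raise ValueError("serial is not an unsigned 32-bit value")
    return Soa(parts[0], parts[1], *nums)

def serial_cmp(a: int, b: int) -> int:
    """RFC 1982 comparison: -1 if a < b, 0 if equal, 1 if a > b."""
    if a == b:
        return 0
    diff = (b - a) % 2**32
    if diff == 2**31:
        raise ValueError("serials are 2^31 apart; ordering is undefined")
    return -1 if diff < 2**31 else 1

def sync_status(primary_line: str, secondary_line: str) -> str:
    """Classify the secondary relative to the primary by SOA serial."""
    p, s = parse_soa(primary_line), parse_soa(secondary_line)
    order = serial_cmp(s.serial, p.serial)
    if order == 0:
        # Equal serials also hide an edit made without bumping the serial.
        return "in sync"
    if order < 0:
        return f"behind: expect transfer on NOTIFY or within refresh={s.refresh}s"
    return "ahead: primary serial went backwards, secondary will not transfer"

PRIMARY = "ns1.example.com. hostmaster.example.com. 2003021201 3600 900 604800 86400"
STALE = "ns1.example.com. hostmaster.example.com. 2003013101 3600 900 604800 86400"

if __name__ == "__main__":
    print(sync_status(PRIMARY, PRIMARY))
    print(sync_status(PRIMARY, STALE))
    print(sync_status(STALE, PRIMARY))
```
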