Running Multiple Primary Master Name Servers for the Same Zone (on a Dynamically Updated Zone)

Kevin Darcy kcd at daimlerchrysler.com
Thu Aug 18 01:27:49 UTC 2005


Well, diff is a text-based utility, but .jnl files are binary. I could 
easily see diff getting confused if you try to diff .jnl files directly.

Why wouldn't you do a journalprint on both masters and then compare the 
*output* of those journalprints?

I hope you realize that you'll need to come up with a 
conflict-resolution mechanism. If a record gets added on one master, and 
deleted on the other, what should the end result be, existence or 
non-existence? Does one master or Dynamic Update client have precedence 
over the other? Do you determine precedence based on the relative 
timestamps of the updates, and do your timestamps have enough 
granularity? This is a knotty problem faced by all "multi-master" 
implementations. Failure to provide a robust conflict-resolution 
mechanism can result in "cycling" between adds and deletes of the same 
record between masters, which, if you accumulate enough of them, can 
result in meltdown.

Another challenge consists of Dynamic Updates with prerequisites in 
them: given that your propagation time is not going to be instantaneous, 
how can a given master reliably check prerequisites? What if you commit 
an update with a prerequisite on one master, then immediately 
afterwards, you get a "sync" from the other master that invalidates the 
prerequisite? Do you rollback the update? Now the client thinks the 
update succeeded, but it's not in DNS, so it could get confused. Or do 
you just ignore the fact that the prerequisite _would_not_have_ been 
met, in which case you could get exactly the garbage data in DNS that 
the prerequisite was intended to prevent, e.g. the same name resolving 
to multiple IP addresses, an "accidental" round-robin, as it were.

                                                                         
                                                            - Kevin

Smith, Earl (Exchange) wrote:

>Let me see if I can phrase this more clearly than I did yesterday, and
>maybe I can get a response.
>
> 
>
>I want to run dual primary master name servers for the same zone.  This
>is described in Cricket's DNS Cookbook recipe 5.25.  However, there it
>describes the problem of doing this with dynamically updated zones.  I'm
>only interested in the reverse zone, because it is dynamically updated
>beyond my control by the PCs.
>
> 
>
>Will I accomplish what I want to do by running a cron job say every five
>minutes that does the following:
>
>1.	do a diff between <zone>.jnl and <zone>.jnl.old to pick out the
>records I haven't yet processed
>2.	copy <zone>.jnl to <zone>.jnl.old
>3.	take the output of the diff (using journalprint) and grep out
>the PTR records, and grep out the ones with the forward zone that only
>the PCs belong to
>4.	process these records using nsupdate against the "other" Primary
>Master Name Server.
>
> 
>
>Anybody see any problems, or does anyone actually think this will work?
>
> 
>
>Earl M. Smith
>
>emsmith at bear.com
>
>beeper  917-401-0087
>
>cell       201-390-6893
>
>desk     212-272-1502 (not often there)
>
>
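Added example, not part of the original thread: a sketch of comparing the journalprint output of both masters, as the reply suggests, that replays only the PTR changes seen on one side and holds back the two conflict cases the reply describes (add on one master versus delete on the other, and one name ending up with multiple targets). The sample dumps are constructed, the `add`/`del` line layout is an assumption about journalprint's text output, and the function names and the `.pcs.example.` forward-zone suffix are hypothetical.

```python
import re
from collections import defaultdict

# Constructed samples. Assumed format: "add" or "del", then one record in
# master-file form (owner, TTL, class, type, rdata).
MASTER_A = """\
del 2.0.192.in-addr.arpa. 3600 IN SOA ns1.example. root.example. 41 3600 900 604800 3600
add 2.0.192.in-addr.arpa. 3600 IN SOA ns1.example. root.example. 42 3600 900 604800 3600
add 10.2.0.192.in-addr.arpa. 1200 IN PTR pc10.pcs.example.
add 11.2.0.192.in-addr.arpa. 1200 IN PTR pc11.pcs.example.
add 12.2.0.192.in-addr.arpa. 1200 IN PTR pc12.pcs.example.
"""
MASTER_B = """\
del 11.2.0.192.in-addr.arpa. 1200 IN PTR pc11.pcs.example.
add 12.2.0.192.in-addr.arpa. 1200 IN PTR laptop7.pcs.example.
add 13.2.0.192.in-addr.arpa. 1200 IN PTR pc13.pcs.example.
"""
LINE = re.compile(r"^(add|del)\s+(\S+)\s+\d+\s+IN\s+PTR\s+(\S+)\s*$")

def net_ptr_changes(dump, suffix=".pcs.example."):
    """Last add/del seen per (owner, target) for PTRs into the PC forward zone."""
    net = {}
    for line in dump.splitlines():
        m = LINE.match(line)  # SOA and other non-PTR lines do not match
        if m and m.group(3).lower().endswith(suffix):
            net[(m.group(2).lower(), m.group(3).lower())] = m.group(1)
    return net

def reconcile(a, b):
    """Split changes into safe-to-replay lists and conflicts needing a policy."""
    conflicts = []
    # Same record, opposite net operation on the two masters.
    for key in a.keys() & b.keys():
        if a[key] != b[key]:
            conflicts.append(("add-vs-del", key[0]))
    # Same owner added with different targets: replaying both doubles the PTR.
    added = defaultdict(set)
    for net in (a, b):
        for (owner, target), op in net.items():
            if op == "add":
                added[owner].add(target)
    conflicts += [("multiple-targets", o) for o, t in added.items() if len(t) > 1]
    bad = {owner for _, owner in conflicts}
    to_b = sorted((a[k],) + k for k in a if k not in b and k[0] not in bad)
    to_a = sorted((b[k],) + k for k in b if k not in a and k[0] not in bad)
    return to_a, to_b, sorted(conflicts)
```

Only the `to_a` and `to_b` lists would be turned into nsupdate input; the conflicts list is where a precedence rule has to be applied first.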



