problem with views not updating

Mariano Cunietti mcunietti at enter.it
Thu Aug 18 09:28:06 UTC 2005


Hi list,
I've got three BIND 9.3.0 servers configured as one hidden master and
two public slaves for my 1100+ zones.

On the hidden master server I've set up a web panel to manage my zones,
with a set of cron scripts to make BIND aware of any changes. Views are
not implemented on this server.
On both the public slaves I've set up two views, let's call them
"internal" and "external". Zones in these views are identical except
that in the "internal" view I can access only one additional slave zone,
depending on the IP address clients connect from. Thus, I share the same
directory and files for all my zones.

The problem is that only ONE view receives notifies and updates when
changes are made to the zone on the master DNS. I've read some messages
back in this list, I read BIND-FAQ and several books and documents, but
I could find no way out.

Only one view receives notifies and correctly updates, writing to a
file. Because slave zone files are shared, it's odd that each time I
issue a rndc reload both views get updated. 
I also tried to have separate directories, one per view, and I noticed
that only the latter view receives the updates.

Do I need to have views configured on the master DNS as well?


Here is master configuration:

=============================
MASTER named.conf:

....
acl "my-slaves" {
        <ip1-slave1>; <ip1-slave2>; <ip2-slave1>; <ip2-slave2>;
};

acl "my-monitors" { <ip-monitoring>; };


options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

        listen-on      { <ip1-master>; <ip2-master>; 127.0.0.1; };
#        query-source address * port 53;
        allow-transfer { "my-slaves"; };
        allow-query { 127.0.0.1; "my-slaves"; "my-monitors"; };
        allow-recursion { none; };
        also-notify { <ip2-slave1>; <ip2-slave2>; };
        version "Curiosity killed the cat";
};
...
=============================


and here follows my slaves' configuration (IPs are obviously different)

SLAVES named.conf

=============================
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

        listen-on      { <ip1-slave1>; <ip2-slave1>; 127.0.0.1; };
#       query-source address * port 53;
        allow-notify { <ip1-master>; };
        allow-transfer { "my-slaves"; "customers-slaves"; };
        allow-recursion { any; };
        version "Curiosity killed the cat";
};

view "my-service-users" {
        match-clients { "my-service-IPs"; };
        allow-notify { <ip1-master>; <ip2-master>; };
#       transfer-source   <ip2-slave1>;
        zone "myprivatezone.tld"     { type slave; file "slaves/myprivatezone.tld"; masters { 217.227.165.12; }; };
        zone "."                        { type hint; file "db.cache"; };

        include "/etc/named.conf.slave";
};

view "all-users" {
        match-clients { any; };
        allow-notify { <ip1-master>; <ip2-master>; };
        zone "."                        { type hint; file "db.cache"; };

        include "/etc/named.conf.slave";
};


=============================

Thanks in advance

Mariano

-- 
-------------------------
Mariano Cunietti
System Administrator
20128 - Milano - Italy
Tel.  +39 02 25514319
Fax   +39 02 25514303
mcunietti at enter.it
