synchronizing 2 dns server (windows/linux)

Josh Hyles josh.maillists at gmail.com
Sat Sep 24 02:31:16 UTC 2005


Thanks for the info. The whole linux/windows setup is definitely limiting, I
agree.

Also, I am manually maintaining these files and I just wanted to make sure I
was doing it correctly. So if I use the origin, I don't need the @ for lines
that have no reference... ie: the spf record... ?

Thanks for the help.

On 9/23/05, Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>
> Josh Hyles wrote:
>
> >I am trying to figure out the best way to sync two servers that are of
> >different platforms. I want to somehow make all the files the exact same and
> >it would be nice if I didn't have to create the zones on both machines. Is
> >this possible? I already have it so that I can update ns1 and ns2 will take
> >the effects, but I want to make a new zone on ns1 and have it create it on
> >ns2 as well.
> >
>
> There is no standard way to make a slave automatically generate a
> slave-zone definition when a zone appears on the master server. One
> common way is just to abandon the standard zone-transfer paradigm and
> use something like rsync to copy over the master's whole config
> (named.conf and zones files) to the slave periodically, along with a
> reload of course so that the slave picks up the changes. Or you could
> cobble together some script (as I have) that runs on the slave, figures
> out what it should or shouldn't be slaving (based on the contents of a
> special "index" zone, or by carefully walking the internal namespace),
> and reconfigures itself accordingly. Being that one of these boxes is
> Windows, your option in this regard may be somewhat limited.
>
> >Also, is there an app that will analyze your zone files to make
> >sure the syntax is right? I have the following that I'm trying to figure out
> >which one is done correctly.... here is the first which uses an $ORIGIN
> >tag....
> >
> >$ORIGIN .
> >$TTL 86400 ; 1 day
> >haiericemachine.com IN SOA ns1.goatinatree.com. root.haiericemachine.com. (
> >        2004170901 ; serial
> >        28800 ; refresh (8 hours)
> >        7200 ; retry (2 hours)
> >        604800 ; expire (1 week)
> >        86400 ; minimum (1 day)
> >        )
> >        NS ns1.goatinatree.com.
> >        NS ns2.goatinatree.com.
> >        A 216.117.131.89
> >$ORIGIN haiericemachine.com.
> >www A 216.117.131.89
> >
> >And here is one that doesn't....
> >
> >@ IN SOA ns1.goatinatree.com. root.wisdomofwellnessproject.com. (
> >        2004050801 ; serial number
> >        3600 ; refresh
> >        7200 ; retry
> >        604800 ; expire
> >        86400 ) ; default TTL
> >
> >;
> >; Zone NS records
> >;
> >
> >@ NS ns1.goatinatree.com.
> >@ NS ns2.goatinatree.com.
> >
> >;
> >; Zone records
> >;
> >
> >@ A 216.117.131.89
> >@ MX 5 mail.wisdomofwellnessproject.com.
> >ftp A 216.117.131.89
> >mail A 216.117.131.89
> >www A 216.117.131.89
> >
> >Which one of these files is right? They both work, but which is better?
> >
> named-checkzone from the BIND distribution can check a zone for
> syntactical correctness.
>
> Which zonefile format is "better" is a matter of taste and preference.
> Assuming you're maintaining these zone files manually, then it's really
> a matter of what you're more comfortable with. If you're _not_
> maintaining them manually, then why do you really care what they look
> like as long as they work?
>
>
> - Kevin
>
>
>
>
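
The thread turns on how owner names are resolved in a master file: "@" stands for the current origin, a relative name has the origin appended, and a line that begins with whitespace inherits the owner of the previous record. The sketch below is an added example, not code from either poster or from BIND; it resolves owners for two constructed example.com zones written in the two styles quoted above, including an SPF TXT line with and without "@". It assumes a simplified grammar (no $INCLUDE, no ";" inside quoted strings) and is no substitute for named-checkzone.

```python
RR_TYPES = {"SOA", "NS", "A", "MX", "TXT", "CNAME"}  # enough for this sketch

def fqdn(name, origin):
    """Resolve a name against the current origin ('@' means the origin itself)."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def owners(zone_text, zone_name):
    """Return (owner, type) pairs for a simplified master file."""
    origin = last_owner = zone_name
    depth, out = 0, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()       # strip comments
        continuation = depth > 0                    # still inside ( ... )
        depth += line.count("(") - line.count(")")
        if continuation or not line:
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":
            origin = fqdn(fields[1], origin)
        if fields[0].startswith("$"):
            continue                                # $TTL etc. do not set owners
        if not line[0].isspace():                   # explicit owner in column one
            last_owner = fqdn(fields.pop(0), origin)
        rtype = next((f.upper() for f in fields if f.upper() in RR_TYPES), "?")
        out.append((last_owner, rtype))
    return out

# Constructed sample zones (example.com, not the zones from the thread).
WITH_ORIGIN = """\
$ORIGIN .
$TTL 86400
example.com IN SOA ns1.example.net. root.example.com. (
        2005092301 28800 7200 604800 86400 )
        NS  ns1.example.net.
        TXT "v=spf1 mx -all"
$ORIGIN example.com.
www     A   192.0.2.10
"""
WITH_AT = """\
@ IN SOA ns1.example.net. root.example.com. (
        2005092301 3600 7200 604800 86400 )
@       NS  ns1.example.net.
@       TXT "v=spf1 mx -all"
www     A   192.0.2.10
"""
```

Both samples resolve to the same owner list when loaded as example.com., which is why the blank-owner lines in the first style need no "@" as long as they keep their leading whitespace.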



