rndc reload <zone> doesn't send notify

Thu Apr 12 15:17:10 UTC 2007

Hi,
maybe you want to give "also-notify " a shoot
also-notify      { slave_server_ip; };

Wael
----- Original Message ----- 
From: "Feargal Reilly" <feargal at fbi.ie>
To: <bind-users at isc.org>
Sent: Thursday, April 12, 2007 4:00 PM
Subject: rndc reload <zone> doesn't send notify


> Hi,
> This is probably a very stupid problem, but I'm too stupid to
> recognise it...
> 
> I've been having problems getting notify messages passed from a
> master to a slave.
> 
> I have two nameservers, a master called ns1.example.com, and a
> slave, ns2.example.com. Everything had worked fine, when I
> updated a zone on ns1, rndc relad on the zone would notify ns2,
> and it would successfully transfer the updated zone.
> 
> Today I moved ns1 on to a new host, by copying all the config
> files to the new host, stopping the old host from listening on
> that IP, and starting it on the new host. It appeared to work
> fine, and is happily responding to queries.
> 
> However, I'm having a problem getting it to send notifies to ns2
> when a zone is updated.
> 
> The old ns1 ran BIND 9.3.0, the new one is running 9.3.4
> 
> If I increment the serial for a zone and run "rndc reload
> domain.example" the notify does not appear to get sent to ns2 -
> certainly nothing shows up under notify or xfers on ns2.
> 
> On ns1, the following gets logged in the notify category:
> 
> 12-Apr-2007 11:31:14.881 info: zone domain.example/IN: sending
> notifies (serial 2007041214)
> 
> 12-Apr-2007 12:18:23.360 debug 3: zone domain.example/IN:
> sending notify to 10.0.115.27#53
> 
> 12-Apr-2007 12:18:23.360 debug 2: zone domain.example/IN: notify
> to 10.0.115.27#53 failed : operation canceled
> 
> When I proceed to restart named on ns2, it transfers the
> domain.example zones correctly, so it doesn't appear to be a
> problem with the transfer - it doesn't get that far.
> 
> Possible causes I've thought of and discounted are:
> 
> 1) Serial not being incremented - Nope, I'm doing that.
> 
> 2) Firewall - Don't think this is an issue, I've opened up all
> tcp and udp traffic between the two hosts and can run:
> 
> ns1> dig @ns2.example.com domain.example soa
> ns1> telnet ns2.example.com 53
> 
> ns2> dig @ns1.example.com domain.example soa
> ns2> telnet ns1.example.com 53
> 
> 3) Time syncronization - both servers run ntpd and show the same
> time, and I can't find any relevant messages in the logs.
> 
> 4) TSIG Key changes - I haven't changed the config at all, and I
> can't find anything in the logs related to this.
> 
> 5) IP changes - again, there shouldn't be any, as I did not have
> to change any IP addresses for the move, just change which host
> listened on the IP for ns1. ns2 isn't even on the same network,
> and I use notify-source and transfer-source in my confif so it
> really shouldn't have noticed any difference at all.
> 
> I've looked over CHANGES and can't see anything, the 'operation
> canceled' message is defined as ISC_R_CANCELED, but there's
> about 60 instances of it being used, and I can't see where it's
> being triggered here.
> 
> Any suggestions?
> 
> Thanks,
> -fr.
> 
> -- 
> Feargal Reilly, Chief Techie, FBI.
> PGP Key: 0xBD252C01 (expires: 2006-11-30)
> Web: http://www.fbi.ie/ | Tel: +353.14988588 | Fax: +353.14988489
> Communications House, 11 Sallymount Avenue, Ranelagh, Dublin 6.
> 
>