Allowing zone xfer to slave server -SOLVED
Ryan McCain
Ryan.McCain at dss.state.la.us
Fri Aug 31 17:42:52 UTC 2007
For the 2nd time in one week Im embarassed to admit how this was resolved but I figure it could help someone else down the road.
I was updating the dss.la.gov zone file on the primary DNS server and appending the new DNS records to the end of the file.
I would then go back to the slave server and tail the zone file and wait for it to appear. It never would.
I finally did a cat on the zone file on the secondary server and noticed that the serial # was updating but for some reason my records weren't being added. I took a closer look at the zone file on the secondary server and noticed the DNS records were being sorted sorted alphabetically so my record that started with a "R" wasn't going to appear on the bottom. I had been tailing the zone file waiting for it to appear at the bottom just like I added it on the primary server the whole time.
So, I spent a day thinking things weren't working when in fact they were.
/hides
Thx..
>>> On Fri, Aug 31, 2007 at 11:22 AM, in message
<46D7F9DB.5D1A.003A.0 at dss.state.la.us>, "Ryan McCain"
<Ryan.McCain at dss.state.la.us> wrote:
> Actually dss-dr93la06-s1 resolves to 10.120.11.83 which was a secondary IP
> address which isnt in use anymore. dss-dr93la06-s1 resolves to a secondary IP
> address which doesn't exist anymore. My brain is fried and I should have
> removed them. I am doing that now.
>
> the dss.la.gov zone file is below. Noticed I added NS dns-ext2.
> dns-ext2.dss.state.la.us is an A record in the external dss.state.la.us zone
> that points to 172.20.11.118
>
> $ORIGIN .
> $TTL 3600 ; 1 hour
> dss.la.gov IN SOA dssns.dss.la.gov. admin. (
> 53 ; serial
> 900 ; refresh (15 minutes)
> 600 ; retry (10 minutes)
> 86400 ; expire (1 day)
> 3600 ; minimum (1 hour)
> )
> NS dssns.dss.la.gov.
> NS dssns2.dss.la.gov.
> NS dns-ext2.dss.state.la.us.
> A 205.172.49.49
> MX 10 smtp-ext1.dss.la.gov.
> MX 20 smtp-ext2.dss.la.gov.
> $ORIGIN dss.la.gov.
> dss-cs99lv01-a A 205.172.49.5
> dssns A 199.248.209.34
> dssns2 A 199.248.209.35
> formquesttanf A 205.172.49.17
> formquesttanftrain A 205.172.49.16
> smtp-ext1 A 205.172.49.5
> smtp-ext2 A 205.172.49.7
> webaccess CNAME webaccess.dss.state.la.us.
> www A 205.172.49.49
> wwwapps A 205.172.49.15
> ryan A 205.172.49.100
> $ORIGIN .
>
> ---
>
> Both of these servers are on our internal network and accessible through
> firewall rules. Our internal domain used is dss.state.la.us and one of the
> external domains I want to provide DNS services for is dss.state.la.us so I
> don't know if thats confusing things???
>
>
>
>
>
>
>
>>>> On Thu, Aug 30, 2007 at 4:40 PM, in message
> <e65c4bab0708301440g79782488l33d01112593c9b23 at mail.gmail.com>, "Dawn Connelly"
> <dawn.connelly at gmail.com> wrote:
>> The command is actually:
>> dig @172.20.11.200 dss.la.gov axfr
>> You have to have the axfr for transfer. Otherwise it just queries for a
>> record rather than transfer.
>>
>> I'm assuming that either dss-cs99la45-s1.dss.state.la.us or
>> dss-dr93la06-s1.dss.state.la.us resolves to 172.20.11.118?
>>
>> The also-notify is only needed if there isn't an NS record.
>>
>> Are there any messages in you log files that would provide a hint? Like does
>> your master server have any logs with your slaves IP address or does your
>> slave have any logs regarding this particular domain?
>>
>>
>> On 8/30/07, Ryan McCain <Ryan.McCain at dss.state.la.us> wrote:
>>>
>>> Here is the zone file from the primary DNS server if this helps..
>>>
>>> --
>>>
>>> $ORIGIN .
>>> $TTL 3600 ; 1 hour
>>> dss.la.gov IN SOA dssns.dss.la.gov. admin. (
>>> 53 ; serial
>>> 900 ; refresh (15 minutes)
>>> 600 ; retry (10 minutes)
>>> 86400 ; expire (1 day)
>>> 3600 ; minimum (1 hour)
>>> )
>>> NS dssns.dss.la.gov.
>>> NS dssns2.dss.la.gov.
>>> NS dss-cs99la45-s1.dss.state.la.us.
>>> NS dss-dr93la06-s1.dss.state.la.us.
>>> A 205.172.49.49
>>> MX 10 smtp-ext1.dss.la.gov.
>>> MX 20 smtp-ext2.dss.la.gov.
>>> $ORIGIN dss.la.gov.
>>> dss-cs99lv01-a A 205.172.49.5
>>> dssns A 199.248.209.34
>>> dssns2 A 199.248.209.35
>>> smtp-ext1 A 205.172.49.5
>>> smtp-ext2 A 205.172.49.7
>>> ryan A 205.172.49.100
>>> $ORIGIN .
>>>
>>>
>>>
More information about the bind-users
mailing list