Getting dynamic entries into their db files
Hauke Lampe
list+bindusers at hauke-lampe.de
Sat Jun 27 19:02:04 UTC 2009
Hello John.
Cherney John-CJC030 wrote:
[rndc freeze <zone>]
> Thanks! I hadn't tried that. I have a problem with that, though. I don't
> know which of my ~600 zones will or won't have dynamic updates.
Well, if there is a .jnl file for a zone, it needs to be flushed. A bit
of shell scripting can generate the rndc freeze and thaw commands.
Dynamic updates issued while a zone is frozen will be lost, unless the
updating application handles the error and retries often enough. So you
probably don't want to freeze zones too long.
> It
> doesn't appear that there is a way to do an rndc freeze on all of my
> zones at once, or pass a wildcard in as the zone name.
Indeed. I don't know a way to force BIND to write out all zone files
without interrupting normal service. Maybe the folks on bind-users know
more.
AFAIK, the nearest you can get is to set "flush-zones-on-shutdown" and
restart the nameserver:
| flush-zones-on-shutdown
| When the nameserver exits due receiving SIGTERM, flush or
| do not flush any pending zone writes.
| The default is flush-zones-on-shutdown no.
Also keep in mind that flushing the journal removes IXFR availability up
to the current serial number, although this point shouldn't matter much
if all slaves are already in sync.
I agree with Mark, though, that static backups of dynamic zones are
often useless, except for emergencies where all authoritative servers
lost the zone.
If you restore zones and journals from backup, you lose changes from the
timeframe between the snapshot and restoration and need to force a
retransfer on all slave servers or manually increase the serial number.
It's probably better to sync the current zone from a secondary server
before re-enabling dynamic updates.
Hauke.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090627/ffe54cf4/attachment.bin>
More information about the bind-users
mailing list