Modified a zone, so when it becomes available?

Frank Stanek frank.stanek at est.fujitsu.com
Tue Sep 15 12:16:25 UTC 2009


Marcos Lorenzo de Santiago wrote:
> On Tue, 15-09-2009 at 11:50 +0100, Cathy Almond wrote:
>> Marcos Lorenzo de Santiago wrote:
>>> On Tue, 15-09-2009 at 07:04 -0300, Leonardo Rodrigues wrote:
>>>> Marcos Lorenzo de Santiago wrote:
>>>>> When I modify a RR or add a new one on an existing zone, I have to
>>>>> restart master server to make the change available. Is there any other
>>>>> way to reload the zone without stopping bind?
>>>>>
>>>>> I've tried with:
>>>>> 	- rdnc reload [zone]
>>>>> 	- rndc reconfig [zone]
>>>>> 	- rndc refresh [zone]
>>>>>
>>>>> Am I missing anything?
>>>>>   
>>>>     'rndc reload' is enough to make the zones being re-read and 
>>>> new/updated records available.
>>>>
>>>>     Probably you're missing:
>>>>
>>>> 1) to increment the zone serial ... if you don't do that, bind won't know 
>>>> you updated the zone. That's important, ALWAYS update the serial when 
>>>> changing/adding records;
>>> I always update the serial, I know little but I know this ;)
>>>
>>>> 2) your DNS server itself is using another DNS server which is caching 
>>>> the records, so cache needs to expire so new/updated records can be 
>>>> seen. You can have your DNS server using itself (127.0.0.1) as DNS 
>>>> server, that should solve if this is the problem;
>>> This master server is its own server, so that's not the case...
>>>
>>> After making changes to zone, updated serial, and rndc reload, I dig my
>>> zone and get always the old serial. The serial and the changes only
>>> appear when I '/etc/init.d/bind restart' it.
>>>
>>> I use bind 9.5.1 on debian 5.0.3.
>>>
>>> Any clue?
>>>
>>> Thanks in advance.
>>>
>> Are your zone file modification timestamps being updated when you make
>> changes?
> 
> Yes, it updates as I write on the zone file. What shocks me too is that
> every while the zone file timestamp updates automatically I think due to
> bind's strange behaviour, my configuration is as follows, nothing
> fancy:
> 
> options {
> 	listen-on { any; };
>         directory "/var/cache/bind";
>         query-source address 10.5.20.11 port 53;
>         version "hidden";
> 	allow-notify { none; };
> 	allow-transfer { slaves-dmz; };
> 	transfer-source 10.5.20.11;
> 	allow-query { slaves-dmz; localhost; };
> 	forwarders { 10.5.20.12; 10.5.20.13; };
> 	forward only;
> 	transfers-in 100;
> 	recursion yes;
> };
> include "/etc/bind/dmz/zones";
> 
> 
> Where "zones" is a file containing other 'include' statements with the
> zone configuration of each domain like:
> 
> include "/etc/bind/zone1.conf";
> include "/etc/bind/zone2.conf";
> ...
> include "/etc/bind/zoneN.conf";
> 
> 
> My server is chrooted and, otherwise everything else works fine.
> 

Please forgive my naivety if this is totally wrong but
I don't have a chrooted bind environment to verify this atm.

But doesn't the init script in some distributions copy the
configuration files (including zone files) into the chroot
jail because bind cannot access them in /etc from there?
That could explain why it works when you use the init script
to restart bind but it doesn't when you do rndc reload -
the modified files don't get copied into the jail with
rndc reload.

Kind regards
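
One way to test the stale-jail-copy hypothesis above, as an added example that is not part of the original thread: compare the zone file that gets edited with the copy named reads inside its chroot, and report both SOA serials when they differ. The function names zone_serial and check_jail_copy are hypothetical, and the temp directory and example.test zone are constructed stand-ins for the real /etc and jail paths, which depend on the distribution.

```shell
#!/bin/sh
# Added example: is the zone file inside the chroot jail the one you just edited?

# Print the SOA serial of a master file: drop ';' comments and parentheses,
# then take the third token after the SOA keyword (mname, rname, serial).
zone_serial() {
    sed -e 's/;.*$//' -e 's/[()]/ /g' "$1" | awk '
        { for (i = 1; i <= NF; i++) {
              if (seen) { if (++n == 3) { print $i; exit } }
              else if (toupper($i) == "SOA") seen = 1
          } }'
}

# $1 = file you edit, $2 = the same zone as seen from inside the jail.
# Prints IN_SYNC (returns 0), STALE with both serials (1) or MISSING (2).
check_jail_copy() {
    [ -r "$2" ] || { echo "MISSING"; return 2; }
    if cmp -s "$1" "$2"; then echo "IN_SYNC"; return 0; fi
    echo "STALE edited=$(zone_serial "$1") jail=$(zone_serial "$2")"
    return 1
}

# Constructed demo: a temp directory stands in for the edited tree and the jail.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc" "$d/jail"
    printf '@ IN SOA ns1.example.test. hostmaster.example.test. (\n  2009091501 ; serial\n  3600 900 604800 86400 )\n' > "$d/jail/db.zone"
    # Edit only the copy outside the jail, bumping the serial.
    sed 's/2009091501/2009091502/' "$d/jail/db.zone" > "$d/etc/db.zone"
    check_jail_copy "$d/etc/db.zone" "$d/jail/db.zone" || :   # jail not refreshed
    # What a copying init script would do on restart.
    cp "$d/etc/db.zone" "$d/jail/db.zone"
    check_jail_copy "$d/etc/db.zone" "$d/jail/db.zone" || :   # after the copy
    rm -rf "$d"
}
demo
```

A STALE result with a lower serial on the jail side matches the symptom in the thread: rndc reload re-reads the jail copy, which still has the old serial.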
