Dynamic DNS with secondary nameserver?
Kevin Darcy
kcd at chrysler.com
Thu Dec 2 22:35:55 UTC 2010
You should have been able to use nsupdate or some other DDNS client tool
to add that NS record less disruptively than you did.
Understand that "rndc freeze" doesn't cause updates received in the
interim to be queued in some private area and applied later -- it causes
them to be *refused* and thus, for most DDNS clients, dropped. So it's
not something you want to do unless either a) you're sure there is no
Dynamic Update activity, b) you don't care about the updates being
dropped, c) you're sure your DDNS clients will recognize the REFUSED
condition and retry later, and/or d) it's an absolute emergency situation.
- Kevin
On 12/1/2010 3:42 PM, Sean Thomas Caron wrote:
> Hi Sten,
>
> Thanks for the response; you made me re-think the issue in such a way
> that I ended up solving the problem (I think).
>
> I was going to copy and paste the NS definitions in the main zone file
> to show how I had defined the two nameservers for the subdomain and
> found that I had missed a period in there.
>
> ddns.sph.umich.edu. IN NS ns2.sph.umich.edu.
> ^ forgot this!
>
> I also had to rndc freeze the dynamic subdomain, go back into the zone
> file for the subdomain, and add the slave nameserver in there as well:
>
> ddns.sph.umich.edu IN SOA dns.sph.umich.edu.
> hostmaster.sph.umich.edu. (
> 2007024415 ; serial
> 3600 ; refresh (1 hour)
> 1800 ; retry (30 minutes)
> 2419200 ; expire (4 weeks)
> 86400 ; minimum (1 day)
> )
> NS dns.sph.umich.edu.
> NS ns2.sph.umich.edu.
> ^ added this line.
>
> I was a little confused because the dynamic subdomain has been split
> off into a different file from the main zone file and I erroneously
> assumed that the DDNS subdomain would "inherit" the NS records defined
> for the parent zone. Limited experience with DDNS so I wasn't sure how
> much of that ddns.sph.umich.edu.hosts file was actually being used and
> how much of the magic was in the journal file.
>
> So I will continue to monitor this but I think I am all set now; sorry
> to trouble everyone with this query. Indeed it works with slaves, as
> one would expect, as long as you watch the typos and keep your files
> straight!
>
> Best,
>
> -Sean
>
>
> Quoting Sten Carlsen <stenc at s-carlsen.dk>:
>
>> How did you tell the primary server who to notify?
>>
>> It should be listed in a NS RR. You can also look at the also-notify
>> option.
>>
>> Is the slave allowed to transfer the zone, if not even a notify will not
>> work.
>>
>>
>> On 01/12/10 21:09, Sean Thomas Caron wrote:
>>> Hi folks,
>>>
>>> We have an ISC DHCP server here feeding dynamic DNS updates to a BIND
>>> 9 machine and it has generally been working fine.
>>>
>>> Now I am trying to add a slave nameserver to the zone and it works
>>> fine for the static hosts but none of the dynamic DNS updates seem to
>>> propagate to the slave.
>>>
>>> On the master, I have the dynamic sub-domain configured as follows:
>>>
>>> zone "ddns.sph.umich.edu" in {
>>> type master;
>>> file "/etc/bind/ddns.sph.umich.edu.hosts";
>>> notify yes;
>>> allow-update { key dhcpupdate; };
>>> };
>>>
>>> This works great; the DHCP server feeds updates to the primary DNS
>>> server, no problem.
>>>
>>> On the slave, I set it up as so:
>>>
>>> zone "ddns.sph.umich.edu" in {
>>> type slave;
>>> masters { 141.211.51.166; };
>>> notify no;
>>> file "/etc/bind/ddns.sph.umich.edu.hosts";
>>> };
>>>
>>> When a host comes up on DHCP, the primary server picks it up fine:
>>>
>>>> server 141.211.51.166
>>> Default server: 141.211.51.166
>>> Address: 141.211.51.166#53
>>>> sph-2006-0090-test.ddns.sph.umich.edu
>>> Server: 141.211.51.166
>>> Address: 141.211.51.166#53
>>>
>>> Name: sph-2006-0090-test.ddns.sph.umich.edu
>>> Address: 141.211.11.190
>>> sph-2006-0090-test.ddns.sph.umich.edu text =
>>> "31ce446f626045a4f8fe4933f448b613c6"
>>>>
>>>
>>>
>>> But it never seems to propagate over to the slave:
>>>
>>>> server 141.211.51.66
>>> Default server: 141.211.51.66
>>> Address: 141.211.51.66#53
>>>> sph-2006-0090-test.ddns.sph.umich.edu
>>> Server: 141.211.51.66
>>> Address: 141.211.51.66#53
>>>
>>> ** server can't find
>>> sph-2006-0090-test.ddns.sph.umich.edu.sph.umich.edu: SERVFAIL
>>>>
>>>
>>> I used 'rndc freeze' on the DDNS sub-domain then edited the zone file
>>> to have a really short refresh interval:
>>>
>>> ddns.sph.umich.edu IN SOA dns.sph.umich.edu.
>>> hostmaster.sph.umich.edu. (
>>> 2007024409 ; serial
>>> 3600 ; refresh (1 hour)
>>> 1800 ; retry (30 minutes)
>>> 2419200 ; expire (4 weeks)
>>> 86400 ; minimum (1 day)
>>> )
>>>
>>>
>>> Then re-enabled it with 'rndc unfreeze' but it still doesn't seem to
>>> have made a difference. Even after waiting an hour, the additions to
>>> the dynamic DNS zone never propagate to the slave. I'm not even sure
>>> if those values are honored when dynamic DNS is enabled.
>>>
>>> Most sites that I have seen discussing dynamic DNS only use one DNS
>>> server, so I am not exactly sure how this should be set up, or if this
>>> was ever intended to work this way. Is it possible? Or should I just
>>> make only the master a NS for the dynamic subdomain and leave the
>>> slave for static stuff only?
>>>
>>> I feel like if it was going to work, I have it set up correctly..
>>>
>>> Thanks,
>>>
>>> -Sean
>>>
>>>
>>> _______________________________________________
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>> --
>> Best regards
>>
>> Sten Carlsen
>>
>> No improvements come from shouting:
>>
>> "MALE BOVINE MANURE!!!"
>>
>>
>
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
More information about the bind-users
mailing list