Dynamically add zones

Dan Durrer dan at vitalwerks.com
Fri Jul 30 23:08:01 UTC 2010 

Still not getting this to work just right,  refused queries to newly added zones.

If I config the zone as a master or as a slave it adds with a success from rndc.
 
Logs show sending notfies as master or completed zone transfer and zone system file creation if slave.

Query to the newly added zone comes back as refused.  

If I run reconfig it will start answering queries, but I'm guessing that is because its just re-reading the include from new-zone-file.   Am I missing something here?

Dan




On Jul 29, 2010, at 5:33 PM, Dan Durrer wrote:

> Alan,
> 
> So is managed.zone.list and zone.list  named differently on purpose or is that a typo? 
> 
> Dan
> 
> On Jul 29, 2010, at 5:23 PM, Alan Clegg <aclegg at isc.org> wrote:
> 
>> On 7/29/2010 7:19 PM, Dan Durrer wrote:
>>> Alan,
>>> 
>>> I was playing around with your example.  I can get it to add the zone
>>> ( that is no rndc errors or syslog messages).
>>> 
>>> I see it send notifies for the new zone in my log.
>>> 
>>> 29-Jul-2010 23:06:47.063 notify: info: zone exampledomain.com/IN:
>>> sending notifies (serial 12)
>>> 
>>> I also added the global option  new-zone-file "my_new_zones.dat" and
>>> I see that file being populated with the new zones statements I've
>>> added via rndc.
>>> 
>>> The server however responds with a REFUSED for this zone or any
>>> others done via addzone.
>>> 
>>> If i take the zone option statement in my_new_zones.dat and apply
>>> them to named.conf and reconfig it resolves just fine.  Anyone else
>>> experiencing this?
>> 
>> "include" the my_new_zones.dat into your named.conf... my entire
>> named.conf on the sample system reads:
>> 
>> ====SNIP====
>> options {
>>       directory "/etc/namedb";
>>       dnssec-enable yes;
>>       dnssec-validation yes;
>>       new-zone-file "/etc/namedb/managed.zone.list";
>>       key-directory "/etc/namedb/keys";
>> };
>> 
>> include "/etc/namedb/zone.list";
>> ====SNIP====
>> 
>> Note that the syntax for this set of tools (dynamic zone creation) is a
>> bit in flux and may be completely changed between 9.7.2 and 9.7.3. The
>> functionality will be there, but it might be a bit different in
>> implementation.. (beware!)
>> 
>> AlanC
>> 
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list