Views and Updates with a twist

Mark Andrews marka at isc.org
Mon Nov 15 02:37:08 UTC 2010 

In message <201011141952.oAEJqp2Y009705 at nermal.bellut.net>, Bodo Bellut writes:
> 
> Hi,
> 
> I'm currently using a BIND9 slave for two masters. Master 1 is 
> using views (internal and external), master 2 doesn't have any 
> views configured.
> 
> This setup works for master 1 without any problems, for master 2 I have
> the slave configured to use the same configuration files for both views so
> the zones are identical in both views.
> 
> When master 2 sends a notify to the slave, the slave refreshes the 
> appropriate zone but only for the internal view. The external view 
> continues serving the old zone even though the file contents are updated 
> correctly.

Slave zone should NOT share files.

> When I restart the slave (rather then reloading changed zones 
> only) it serves identical data in both views again.
> 
> I have read the FAQ entry at https://www.isc.org/faq/item/182 but this 
> assumes views configured on both master and slave.
> 
> Is there a way to have the slave update the zones on both views when 
> receiving a notify or do I have to configure the same views on the master 
> and have them serve identical data?

If it is the same content, have one of the views on the slave transfer
from the other view.  Here view "A" is the view that receives the notify
from the master.  View "A" transfers the content from the master then
notifies view "B", which, in turn, transfers the content from view "A".

key "view-a" {
	....
};

key "view-b" {
	....
};
	
view "A" {
	match-clients { key view-a; !key view-b; .... };

	server 127.0.0.1 {
		keys view-b;
	};

        zone "example.net" {
                type slave;
                masters { .... };
                file "slave-a/example.net";
                allow-transfer { key view-a; .... };
		notify explict;
		also-notify { 127.0.0.1; };
        };
};

view "B" {
	match-clients { ! key view-a; key view-b; .... };

        zone "example.net" {
                type slave;
                file "slave-b/example.net";
                masters { 127.0.0.1 key view-a; };
                notify no;
                allow-transfer { .... };
        };
};

If each view has different content then you need to ensure that both
views receive notify messages from their respective sources.

One day we should extend also-notify to accept "key value" like masters
do so that server clause can be removed.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list