bind slave not get DNS update
Steve Zeng
SteveZ at airg.com
Wed Jan 5 00:43:36 UTC 2011
We have a BIND DNS master and a Windows DNS slave that have been running for a while. I recently configured a second DNS slave running on Linux/CentOS. When I stop/start the second DNS slave, it gets all zone files correctly. However, it does not get updates when I make a zone file modification and increase the sn on the master. The odd thing is, I don't see any xfer-out log on the master (I do see the xfer-out log for the Windows DNS slave, though). Googling around and searching the BIND mailing list archive did not give much of a clue either... Any hint is greatly appreciated.
BIND MASTER(bind-9.3.1-20.FC4):
============================
options { # this section sets the default options
    directory "/var/named"; # directory where the zone files will reside
    listen-on {
        A.A.A.A; # public IP address of the local interface to listen
        192.168.100.204; # private IP address of the local interface to listen
        192.168.101.204;
    };
    auth-nxdomain no; # conform to RFC1035
    notify yes; # enable AA notifies
    allow-notify { none; };
    allow-query { any; }; # allow anyone to issue queries
    recursion no; # disallow recursive queries unless over-ridden below
    version "0"; # obscures version reporting - can't hurt
    zone-statistics yes;
    statistics-file "/var/named/statistics/named_stats.txt";
};
logging{
    channel simple_log {
        file "log/bind.log" versions 3 size 50m;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default{
        simple_log;
    };
};
view "office" {
    match-clients { office_networks; }; # match hosts in acl "office_networks" above
    recursion yes; # allow recursive queries
    notify-source * port 53;
    allow-transfer { B.B.B.0/24; C.C.C.0/24};
    also-notify {
        B.B.B.B; # public IP of first DNS slave(windows DNS)
        C.C.C.C; # public IP of second DNS slave(Linux BIND DNS)
    };
    zone "mydomain.com" in {
        type master;
        file "office/mydomain.com.zone";
    };
};
BIND SLAVE(bind-9.3.6-4.P1.el5_5.3):
================================
options
{
    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;
    // Put files that named is allowed to write in the data/ directory:
    directory "/var/named"; // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";
    allow-notify
    {
        A.A.A.A; # # public IP of master
    };
};
logging
{
    /* If you want to enable debugging, eg. using the 'rndc trace' command,
     * named will try to write the 'named.run' file in the $directory (/var/named).
     * By default, SELinux policy does not allow named to modify the /var/named directory,
     * so put the default debug log file in data/ :
     */
    channel default_debug {
        file "data/named.run";
        // severity dynamic;
        severity info;
    };
};
view "office"
{
    /* This view will contain zones you want to serve only to "internal" clients
       that connect via your directly attached LAN interfaces - "localnets" .
     */
    match-clients { localnets; };
    recursion yes;
    // all views must contain the root hints zone:
    include "/etc/named.root.hints";
    include "/etc/named.rfc1912.zones";
    // you should not serve your rfc1912 names to non-localhost clients.
    // These are your "authoritative" internal zones, and would probably
    // also be included in the "localhost_resolver" view above :
    zone " mydomain.com" {
        type slave;
        file "slaves/ mydomain.com.zone";
        masters {
            /* put master nameserver IPs here */
            A.A.A.A;
        } ;
    };
};
Thanks,
Steve
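
The manual check described in the message (looking in the master's log for an xfer-out entry from each slave after the serial is increased) can be scripted. This is an added example, not part of the original post: the log line layout, the sample lines, and the documentation addresses standing in for B.B.B.B and C.C.C.C are assumptions.

```python
import re

# Line layouts assumed for a master logging with print-category and
# print-severity enabled; the sample lines below are constructed.
NOTIFY_RE = re.compile(
    r"zone (?P<zone>[^/\s]+)/IN(?:/\S+)?: sending notifies \(serial (?P<serial>\d+)\)")
XFER_RE = re.compile(
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+:.*transfer of '(?P<zone>[^/']+)/IN': "
    r"(?:AXFR-style IXFR|AXFR|IXFR) started")

# Constructed stand-ins: 192.0.2.10 for B.B.B.B, 198.51.100.20 for C.C.C.C.
SLAVES = ["192.0.2.10", "198.51.100.20"]
SAMPLE_LOG = """\
04-Jan-2011 16:30:01.101 notify: info: zone mydomain.com/IN/office: sending notifies (serial 2011010401)
04-Jan-2011 16:30:01.612 xfer-out: info: client 192.0.2.10#4021: view office: transfer of 'mydomain.com/IN': AXFR started
04-Jan-2011 16:30:01.640 xfer-out: info: client 192.0.2.10#4021: view office: transfer of 'mydomain.com/IN': AXFR ended
04-Jan-2011 16:41:17.220 notify: info: zone mydomain.com/IN/office: sending notifies (serial 2011010402)
04-Jan-2011 16:41:17.803 xfer-out: info: client 192.0.2.10#4077: view office: transfer of 'mydomain.com/IN': IXFR started
""".splitlines()


def missing_transfers(lines, zone, slaves):
    """Map each notified serial to the slaves that started no transfer after it."""
    pending = {}    # serial -> set of slaves not yet seen transferring
    current = None  # serial of the most recent NOTIFY for this zone
    for line in lines:
        m = NOTIFY_RE.search(line)
        if m and m.group("zone") == zone:
            current = int(m.group("serial"))
            pending[current] = set(slaves)
            continue
        m = XFER_RE.search(line)
        if m and m.group("zone") == zone and current is not None:
            # A transfer that starts after the NOTIFY clears that slave.
            pending[current].discard(m.group("ip"))
    return {serial: sorted(ips) for serial, ips in pending.items()}


if __name__ == "__main__":
    report = missing_transfers(SAMPLE_LOG, "mydomain.com", SLAVES)
    for serial, quiet in report.items():
        print(f"serial {serial}: no transfer started by {quiet or 'nobody'}")
```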