bind restart needed to reflect changes to dynamic zone in multiple views
Brian J. Murrell
brian at interlinx.bc.ca
Fri Jun 24 13:22:33 UTC 2011
I am using BIND 9.7.2-P2.

I have two views, one "internal" and one for "external" queries. In
both of those views I have some zones which are common so I put them
into their own file "zones.common" and include that file in both of the
views.

The problem I am having is that when I make a dynamic update to a common
zone, only the internal view sees that change. External queries still
return the data prior to the update. If I restart the server, then
external queries get the updated data.

To provide an (excerpted, for brevity) example...
---- zones.common ----
zone "rbl.interlinx.bc.ca" {
    type master;
    file "/etc/bind/master/rbl.interlinx.bc.ca.zone";
    allow-update { ... };
    allow-transfer { ... };
    allow-query { any; };
};
---- zones.common ----
---- named.conf ----
view "trusted" {
    match-clients { trusted_networks; }; // our internal networks
    ...
    include "/etc/bind/zones.common";
    ...
    zone "interlinx.bc.ca" {
        type master;
        file "/etc/bind/master/interlinx.bc.ca.zone";
        allow-update { ... };
        allow-query { ... };
        allow-transfer { ... };
    };
    ...
};
view "greatunwashed" {
    match-clients { any; }; // all other hosts
    ...
    include "/etc/bind/zones.common";
    allow-query { great_unwashed_allowed_query; };
    zone "interlinx.bc.ca" {
        type slave;
        file "/etc/bind/slave/interlinx.bc.ca.zone";
        masters { ... };
        allow-query { any; };
    };
};
---- named.conf ----
To demonstrate, given the above configuration:
greatunwashed_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
Host 1.2.3.4.rbl.interlinx.bc.ca not found: 3(NXDOMAIN)
trusted_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
Host 1.2.3.4.rbl.interlinx.bc.ca. not found: 3(NXDOMAIN)
dns_server $ nsupdate
> server localhost
> zone rbl.interlinx.bc.ca.
> update add 1.2.3.4.rbl.interlinx.bc.ca 60 A 127.0.0.2
> send
>
trusted_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
1.2.3.4.rbl.interlinx.bc.ca has address 127.0.0.2
greatunwashed_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
Host 1.2.3.4.rbl.interlinx.bc.ca not found: 3(NXDOMAIN)
dns_server # /usr/sbin/rndc reload
server reload successful
trusted_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
1.2.3.4.rbl.interlinx.bc.ca has address 127.0.0.2
greatunwashed_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
Host 1.2.3.4.rbl.interlinx.bc.ca not found: 3(NXDOMAIN)
dns_server # service bind9 restart
* Stopping domain name service... bind9
...done.
* Starting domain name service... bind9
...done.
trusted_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
1.2.3.4.rbl.interlinx.bc.ca has address 127.0.0.2
greatunwashed_host $ host 1.2.3.4.rbl.interlinx.bc.ca.
1.2.3.4.rbl.interlinx.bc.ca has address 127.0.0.2
As you can see, it took a complete server restart for the greatunwashed
view to get the zone update.

Is this expected behavior or a (known?) bug?
Cheers,
b.
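
Added example, not part of the original post: a small Python check for the layout shown above, where one updatable master zone file is loaded by more than one view. named keeps a separate in-memory copy of a zone for each view that declares it, so the check treats that sharing as the condition to flag; `FILES`, `block`, `expand` and `shared_writable_files` are hypothetical names, and the parser assumes only `//` comments and no braces inside quoted strings.

```python
import re
from collections import defaultdict
# Constructed sample mirroring the post's layout ("{ ... }" elisions kept as posted).
FILES = {
    "/etc/bind/zones.common": '''
zone "rbl.interlinx.bc.ca" {
    type master; file "/etc/bind/master/rbl.interlinx.bc.ca.zone";
    allow-update { ... };
};''',
    "named.conf": '''
view "trusted" {
    match-clients { trusted_networks; };  // our internal networks
    include "/etc/bind/zones.common";
    zone "interlinx.bc.ca" { type master; allow-update { ... };
        file "/etc/bind/master/interlinx.bc.ca.zone"; };
};
view "greatunwashed" {
    include "/etc/bind/zones.common";
    zone "interlinx.bc.ca" { type slave; file "/etc/bind/slave/interlinx.bc.ca.zone"; };
};''',
}

def block(text, start):
    # Body of the first brace-balanced { ... } block at or after `start`.
    i = j = text.index("{", start)
    depth = 0
    while True:
        depth += {"{": 1, "}": -1}.get(text[j], 0)
        if depth == 0:
            return text[i + 1:j]
        j += 1

def expand(text, files):
    # Drop // comments, then inline include statements recursively.
    text = re.sub(r"//[^\n]*", "", text)
    return re.sub(r'include\s+"([^"]+)"\s*;', lambda m: expand(files[m.group(1)], files), text)

def shared_writable_files(files, root="named.conf"):
    # Map each updatable master zone file to the (view, zone) pairs that load it.
    conf, users = expand(files[root], files), defaultdict(set)
    for v in re.finditer(r'(?<![\w-])view\s+"([^"]+)"', conf):
        body = block(conf, v.end())
        for z in re.finditer(r'\bzone\s+"([^"]+)"', body):
            zb = block(body, z.end())
            f = re.search(r'\bfile\s+"([^"]+)"', zb)
            if (f and re.search(r"\btype\s+(master|primary)\b", zb)
                    and re.search(r"\b(allow-update|update-policy)\b", zb)):
                users[f.group(1)].add((v.group(1), z.group(1)))
    return {f: sorted(u) for f, u in users.items() if len({v for v, _ in u}) > 1}
```

On the sample, only the rbl.interlinx.bc.ca zone file is reported; interlinx.bc.ca is not, because the second view declares it as a slave with its own file.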