'successful' nsupdate of remote server not persistent across nameserver restart?
jasonsu at mail-central.com
Sat Apr 30 03:36:12 UTC 2016
On Mon, Apr 25, 2016, at 11:44 AM, jasonsu at mail-central.com wrote:
> Now back to figuring this^ out :-/
I started from scratch, now on bind 9.10.4.
After update, I'm preserving my jnl files, but they're still not getting written to zone files on nameserver restart.
With this update file
    cat ~/nsupdate.txt
        server ns01.example.com
        local 10.0.0.17
        debug yes
        zone example.com.
        update add test.example.com. 300 in TXT "YYYYYY"
        show
        send
I exec the nsupdate
    $NSUPDATE ~/nsupdate.txt
In my nameserver log I get
    Apr 29 20:03:24 ns01 named[3440]: 29-Apr-2016 20:03:24.810 update-security: info: client 10.0.0.17#17687/key jason-key: view external: signer "jason-key" approved
    Apr 29 20:03:24 ns01 named[3440]: 29-Apr-2016 20:03:24.810 update: info: client 10.0.0.17#17687/key jason-key: view external: updating zone 'example.com/IN': adding an RR at 'test.example.com' TXT "YYYYYY"
I can see the change
    dig TXT test.example.com @ns01.example.com +short
        "YYYYYY"
Checking at this time in the nameserver's chroot & init dirs,
    ls -altr /var/chroot/named/namedb/master/example.com* && \
    ls -altr /etc/named/namedb/master/example.com*
I see the .jnl only in the chroot
        -rw-r----- 1 named named 1.2K Apr 29 20:01 /var/chroot/named/namedb/master/example.com.zone
    !!! -rw-r--r-- 1 named named 789 Apr 29 20:03 /var/chroot/named/namedb/master/example.com.zone.jnl
        -rw-r----- 1 named named 1.2K Apr 29 20:01 /etc/named/namedb/master/example.com.zone
It's got the update in it
    named-journalprint /var/chroot/named/namedb/master/example.com.zone.jnl | grep TXT
        add test.example.com. 300 IN TXT "YYYYYY"
I then restart the nameserver
    systemctl stop named
    systemctl start named
Checking again, since my chroot explicitly copies the journals, I now see the jnl in BOTH the chroot dir and the init dir
    ls -altr /var/chroot/named/namedb/master/example.com* && \
    ls -altr /etc/named/namedb/master/example.com*
        -rw-r----- 1 named named 1.2K Apr 29 20:01 /var/chroot/named/namedb/master/example.com.zone
    !!! -rw-r--r-- 1 named named 789 Apr 29 20:03 /var/chroot/named/namedb/master/example.com.zone.jnl
        -rw-r----- 1 named named 1.2K Apr 29 20:01 /etc/named/namedb/master/example.com.zone
    !!! -rw-r--r-- 1 named named 789 Apr 29 20:03 /etc/named/namedb/master/example.com.zone.jnl
with the update correct
    named-journalprint /var/chroot/named/namedb/master/example.com.zone.jnl | grep TXT && \
    named-journalprint /etc/named/namedb/master/example.com.zone.jnl | grep TXT
        add test.example.com. 300 IN TXT "YYYYYY"
        add test.example.com. 300 IN TXT "YYYYYY"
But obviously, the named restart did NOT write the zone files -- the data's still just in the jnl's, not in the zone files
    grep YYYYY \
     /var/chroot/named/namedb/master/example.com.zone \
     /etc/named/namedb/master/example.com.zone
        (empty)
It's official. This is driving me nuts.
Jason