A Zone Transfer Question

John Miller johnmill at brandeis.edu
Fri Feb 19 16:59:27 UTC 2016


On Fri, Feb 19, 2016 at 11:45 AM, David Li <dlipubkey at gmail.com> wrote:
> This is my first time to try master slave configuration. Here is a
> brief description:
>
> I have two CentOS 7.1 VMs - each is configured for a zone. VM1 is the
> master for zone1 and slave for zone2. VM2 is master for zone2 and
> slave for zone1. Both zones use DNS Dynamic Update from DHCP
> servers on the same VM to update the A records in their zone files.
> No DNSSEC configured.
>
>
> To start, everything seems to be working fine. I have one host in each
> zone and they can resolve each other fine.
>
> Now I add a new host to zone1 and its sequence number has been bumped
> up. I read that when the zone1 file changes, it will automatically
> notify its slave zone (i.e. zone2) to start a zone transfer after 15
> min. This never happened. Then I restarted named on VM2 and hoped it
> would pull the new zone1 file. This didn't happen either.
> Eventually I have to either restart the VM2 or use dig to start the
> zone transfer.
>
> Can anyone spot anything obviously wrong here? Do I need to post my
> zone file and named.conf?
>

Hi David -

Yes, it'd certainly help if you posted your named.conf.  I don't know
that we need the whole zone file: the SOA and NS records would
probably suffice in this case, especially if the zone has tons of
records.

I'll say: it sounds a little odd that you'd expect zone2 to be updated
when zone1 changes.  The master NS for zone1 will send out NOTIFY
messages to the servers listed in the NS records for zone1; it'll also
send NOTIFYs to anything you've put in an also-notify block.

The 15-minute wait also sounds strange: NOTIFY happens as soon as the
serial number of the master zone is incremented and the zone is
reloaded.  Also, a slave NS will automatically check its master for
updates after the refresh interval (1st number after the serial)
specified in the SOA record.  If you have that set to 15 minutes (900
seconds), then yes--the slave would check its master for updates, but
it's the _slave_ reaching out to the _master_ in that case.  Likewise,
slaves will reach out to their master NS when their zones are
reloaded.

I'm not going to worry about the DHCP dynamic updates piece yet - make
sure your master and slave are set up properly before introducing
dynamic updates to the mix.

John
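
The NOTIFY and refresh behaviour described in the reply above, as an added example that is not part of the original post: it reads a zone's SOA and NS records, works out which servers the master would NOTIFY, and reports how a slave with an older serial will find out. The zone records, host names and serials are constructed; leaving the SOA MNAME server out of the NOTIFY set is BIND's documented default rather than something stated in the thread, and the parser assumes one record per line.

```python
# Added example: zone data, host names and serials below are constructed.
SAMPLE_ZONE1 = """\
zone1.example. 3600 IN SOA vm1.zone1.example. admin.zone1.example. 2016021902 900 300 604800 3600
zone1.example. 3600 IN NS vm1.zone1.example.
zone1.example. 3600 IN NS vm2.zone2.example.
"""

SOA_FIELDS = ("serial", "refresh", "retry", "expire", "minimum")

def parse_zone(text):
    """Return (soa dict, NS target list) from one-record-per-line zone text."""
    soa, ns = None, []
    for line in text.splitlines():
        parts = line.split(";", 1)[0].split()      # strip comments, tokenize
        if "SOA" in parts:
            i = parts.index("SOA")
            soa = {"mname": parts[i + 1].lower()}
            soa.update(zip(SOA_FIELDS, map(int, parts[i + 3:i + 8])))
        elif "NS" in parts:
            ns.append(parts[parts.index("NS") + 1].lower())
    return soa, ns

def notify_targets(soa, ns, also_notify=()):
    """Servers the master NOTIFYs: NS targets except the SOA MNAME, plus also-notify."""
    return sorted({n for n in ns if n != soa["mname"]} | set(also_notify))

def serial_newer(a, b):
    """RFC 1982 serial comparison: True if serial a is newer than serial b."""
    return 0 < (a - b) % 2**32 < 2**31

def slave_report(master_soa, slave_serial, slave_name, targets):
    """Summarize how a slave holding slave_serial will learn of the master's serial."""
    if not serial_newer(master_soa["serial"], slave_serial):
        return "current"
    if slave_name in targets:
        return "stale: NOTIFY expected, check named logs on both servers"
    # Not in the NS set or also-notify: the slave only finds out by polling.
    return "stale: no NOTIFY sent, slave polls within %d s" % master_soa["refresh"]

if __name__ == "__main__":
    soa, ns = parse_zone(SAMPLE_ZONE1)
    targets = notify_targets(soa, ns)
    print(targets)
    print(slave_report(soa, 2016021901, "vm2.zone2.example.", targets))
```
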

