Unable to completely transfer root zone

Tony Finch dot at dotat.at
Fri Feb 14 12:47:15 UTC 2020


Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
>
> Unfortunately this happens when you decide to mirror the root zone and it fails.
>
> You should use more primary servers when possible and change the root zone
> type from secondary to hint if it fails.

In this particular case, adding more primaries would not have helped
because the firewall that caused the breakage would have broken every
primary.

I have a little monitoring cron job to avoid this kind of problem.
(You'll need to adjust the paths for your setup.)

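	#!/usr/bin/perl
	# Report secondary zones whose zone file is missing or more than a day old.

	use warnings;
	use strict;

	my $type = '';
	# -p prints the parsed config in canonical form; -x hides shared secrets.
	for (qx(named-checkconf -px)) {
		# Remember the most recent "type" statement seen.
		$type = $1 if m{^\s*type\s+(\w+);$};
		next unless $type eq "slave"
		    and m{^\s*file\s+"\.\./zone/(.*)";$};
		my $zone = $1;
		my $file = "/home/named/zone/$zone";
		# -M is the file's age in days; fresh means modified within the last day.
		next if -f $file and 1 > -M $file;
		print "stale zone $zone\n";
	}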

> Note that someone rarely needs to have a local copy of the root zone.

Yes.

> If you use Cisco routers, ask network admins to disable any DNS "fixup"
> functionality, because that usually causes problems.

In my experience all Cisco PIX/ASA fuxup options are horribly broken and
should be turned off.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Shannon: South or southwest 6 to gale 8, increasing severe gale 9 or storm 10
for a time. Very rough at first in east, otherwise high or very high. Rain or
showers. Good, occasionally poor.
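
Added example, not part of the message above or of BIND: a Python sketch of the same mtime-based check that goes a little further, also matching zones declared as type "secondary" and grading each zone file as ok, stale, expired or missing. The sample config text, the function names, the base_dir layout and the threshold defaults are assumptions made for illustration.

```python
import os
import re

# Constructed, trimmed sample of `named-checkconf -px` output (not from the post).
SAMPLE_CONF = """\
zone "." {
	type secondary;
	file "../zone/root";
};
zone "example.org" {
	type slave;
	file "../zone/example.org";
};
zone "example.net" {
	type master;
	file "../zone/example.net";
};
"""

ZONE_RE = re.compile(r'^\s*zone\s+"([^"]+)"')
TYPE_RE = re.compile(r'^\s*type\s+(\w+);$')
FILE_RE = re.compile(r'^\s*file\s+"([^"]+)";$')
SECONDARY = {"slave", "secondary"}

def secondary_zones(conf_text):
    """Map zone name -> file path for zones of type slave/secondary."""
    zones, name, ztype = {}, None, None
    for line in conf_text.splitlines():
        if m := ZONE_RE.match(line):
            name, ztype = m.group(1), None   # new zone: forget previous type
        elif m := TYPE_RE.match(line):
            ztype = m.group(1)
        elif (m := FILE_RE.match(line)) and name and ztype in SECONDARY:
            zones[name] = m.group(1)
    return zones

def classify(path, now, warn_after, expire):
    """Grade a zone file by the age of its mtime, in seconds."""
    try:
        age = now - os.stat(path).st_mtime
    except FileNotFoundError:
        return "missing"
    if age >= expire:
        return "expired"
    return "stale" if age >= warn_after else "ok"

# warn_after mirrors the one-day limit in the post; expire is a sample value
# (7 days) that should be set from the zone's own SOA expire field.
def check(conf_text, base_dir, now, warn_after=86400, expire=604800):
    """Status per secondary zone; base_dir is named's working directory (assumed)."""
    return {zone: classify(os.path.normpath(os.path.join(base_dir, rel)),
                           now, warn_after, expire)
            for zone, rel in secondary_zones(conf_text).items()}
```

Run from cron, anything other than "ok" for a zone is worth an alert well before the expire threshold is reached.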

