Bind slave not updating

//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).

ssh ns2.server "service named reload"
rsync -e ssh -avzlP /var/named/chroot/etc/named_slave/named.conf2 [email protected]:/var/named/chroot/etc/
ssh ns3.server "service named reload"
service named reload
[/code]

All the [b]"master"[/b] entries are changed and replaced by [b]"slave"[/b], and as you can see, the [b]named.conf[/b] file is then rsync'd over to the initial 2 slave servers. This also makes it much easier to add more slave servers.

When the TTL for the zone expires, the slave server(s), provided that they have been specified on the master's /etc/ as slaves and allowed to transfer, will contact the master server to check the serial number for the zone. If the zone has changed (new serial number), the slave will initiate a zone transfer on its own without the need to run any scripts.

The 3 servers are tentatively installed on a Xen virtual server for testing purposes. The services on all 3 servers start up without any apparent issues.

All 3 servers are 64bit and installed with:
- BIND 9.3.6-P1-Red Hat-9.3.6-4.

[b]Master server:[/b]
# /etc/init.d/named restart ; tail -f /var/log/messages
[quote]
Stopping named: [ OK ]
Starting named: [ OK ]
Jan 27 ns1 named[6103]: using default UDP/IPv6 port range: [1024, 65535]
Jan 27 ns1 named[6103]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 27 ns1 named[6103]: listening on IPv4 interface eth0, 10.2.37.202#53
Jan 27 ns1 named[6103]: command channel listening on 127.0.0.1#953
Jan 27 ns1 named[6103]: command channel listening on ::1#953
Jan 27 ns1 named[6103]: zone 0.168.192.in-addr.arpa/IN: loaded serial 100
Jan 27 ns1 named[6103]: zone yourdomain.com/IN: loaded serial 100
Jan 27 ns1 named[6103]: running
Jan 27 ns1 named[6103]: zone yourdomain.com/IN: sending notifies (serial 100)
Jan 27 ns1 named[6103]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)
[/quote]

[b]Slave 1:[/b]
# /etc/init.d/named restart ; tail -f /var/log/messages
[quote]
Stopping named: [ OK ]
Starting named: [ OK ]
Jan 27 ns2 named[5965]: found 2 CPUs, using 2 worker threads
Jan 27 ns2 named[5965]: using up to 4096 sockets
Jan 27 ns2 named[5965]: loading configuration from '/etc/named.conf'
Jan 27 ns2 named[5965]: using default UDP/IPv4 port range: [1024, 65535]
Jan 27 ns2 named[5965]: using default UDP/IPv6 port range: [1024, 65535]
Jan 27 ns2 named[5965]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 27 ns2 named[5965]: listening on IPv4 interface eth0, 10.2.37.214#53
Jan 27 ns2 named[5965]: command channel listening on 127.0.0.1#953
Jan 27 ns2 named[5965]: command channel listening on ::1#953
Jan 27 ns2 named[5965]: running
[/quote]

[b]Slave 2:[/b]
# /etc/init.d/named restart ; tail -f /var/log/messages
[quote]
Stopping named: [ OK ]
Starting named: [ OK ]
Jan 27 ns3 named[5874]: found 2 CPUs, using 2 worker threads
Jan 27 ns3 named[5874]: using up to 4096 sockets
Jan 27 ns3 named[5874]: loading configuration from '/etc/named.conf'
Jan 27 ns3 named[5874]: using default UDP/IPv4 port range: [1024, 65535]
Jan 27 ns3 named[5874]: using default UDP/IPv6 port range: [1024, 65535]
Jan 27 ns3 named[5874]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 27 ns3 named[5874]: listening on IPv4 interface eth0, 10.2.37.225#53
Jan 27 ns3 named[5874]: command channel listening on 127.0.0.1#953
Jan 27 ns3 named[5874]: command channel listening on ::1#953
Jan 27 ns3 named[5874]: running
[/quote]

The configuration files are as follows:

[b]Master server:[/b]
# cat /var/named/chroot/etc/
[code]
options ;
key "rndc-key" ;
zone "yourdomain.com" IN ;
zone "0.168.192.in-addr.arpa" IN ;
[/code]

[b]Slave servers (both are the same):[/b]
# cat /var/named/chroot/etc/
[code]
options ;
[/code]

Any help or pointers will be appreciated.

You can also check if your zone transfers really work from your slave servers with the following command:
[b]dig -t axfr 10.2.37.202[/b]
BTW, your system is NOT fully updated - you're running an old kernel.
EDIT: Also, it'd be a good idea to get a good reference on setting up a BIND DNS server, like O'Reilly Media's DNS & BIND.

I did what you suggested and the servers started replicating.

[b]Master Server:[/b]
# tail -f /var/log/messages
[code]
Jan 28 ns1 named[1465]: client 10.2.37.214#50135: transfer of 'yourdomain.com/IN': AXFR started
Jan 28 ns1 named[1465]: client 10.2.37.214#50135: transfer of 'yourdomain.com/IN': AXFR ended
Jan 28 ns1 named[1465]: client 10.2.37.225#52508: transfer of 'yourdomain.com/IN': AXFR started
Jan 28 ns1 named[1465]: client 10.2.37.225#52508: transfer of 'yourdomain.com/IN': AXFR ended
[/code]

But now the slave servers are complaining again.

[b]Slave 1:[/b]
# tail -f /var/log/messages
[code]
Jan 28 ns2 named[1445]: zone yourdomain.com/IN: Transfer started.

Also I have 'notify explicit' so that only those servers named in the also-notify get notified.

I do not think that this will handle setting up [b]new[/b] zones but it will propagate changes made in the zones that are defined on both master and slave servers.

I have also disabled the iptables firewall, as that is not difficult to set up to allow port access between the 3 servers.

I just wanted to cut that out of the equation to make sure DNS and replication are working. I also did an upgrade of all 3 servers, thanks for that.

Thanks

Well, one thing you are clearly missing in the [b]named.conf[/b] of your slave DNS servers is the slave zone declarations, along with the location where to commit this data (and retrieve it from afterward).
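The slave zone declarations the reply above refers to, together with the matching master-side transfer and notify settings, as an added example that is not the poster's actual configuration: it assumes the master at 10.2.37.202 and the slaves at 10.2.37.214 and 10.2.37.225 from the logs in this thread, the zone file names shown, and a `slaves/` directory under the chroot's `/var/named` that the named user can write to.

```conf
// ===== master (ns1, 10.2.37.202): /var/named/chroot/etc/named.conf =====
options {
    directory "/var/named";                       // relative to the chroot
    allow-transfer { 10.2.37.214; 10.2.37.225; }; // only the two slaves may AXFR
    notify explicit;                              // notify only the also-notify list
    also-notify { 10.2.37.214; 10.2.37.225; };
};

zone "yourdomain.com" IN {
    type master;
    file "yourdomain.com.zone";                   // assumed file name
};

zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "0.168.192.in-addr.arpa.zone";           // assumed file name
};

// ===== slaves (ns2 10.2.37.214, ns3 10.2.37.225): same path =====
// Each zone is declared as type slave, names the master it pulls from, and
// gets a writable file so the transferred data is committed to disk and
// reloaded from there after a restart instead of being lost.
options {
    directory "/var/named";
    allow-transfer { none; };                     // slaves do not hand out copies
};

zone "yourdomain.com" IN {
    type slave;
    masters { 10.2.37.202; };
    file "slaves/yourdomain.com.zone";            // assumed; dir must be writable by named
};

zone "0.168.192.in-addr.arpa" IN {
    type slave;
    masters { 10.2.37.202; };
    file "slaves/0.168.192.in-addr.arpa.zone";    // assumed; dir must be writable by named
};
```

From a slave, `dig @10.2.37.202 yourdomain.com axfr` should return the whole zone, and after a reload the slave's log should report the transfer completing with the master's serial rather than only starting.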
