  1. #1
    Just Joined! pratapsingh's Avatar
    Join Date
    Feb 2009
    Posts
    82

    Zones are not getting updated at slave servers


    Hello,

    I have configured master and slave Bind servers. Everything works fine. But whenever I add a new zone entry at the master server, it is not getting updated at the slave server. In the logs I see this error:
    client 192.168.1.1#43428: view external: received notify for zone 'yourdomainname.com': not authoritative

    At the master server I do not see any error or warning message.

    This error clearly indicates that the named.conf file does not have the zone entry in it or the domain name is wrong. While checking the named.conf file I see that the zone entry has not been updated at the slave server.
    If I update it manually and reload named on the slave, then the zone files (db files) get created without any issue, and any modifications to the zone records at the master server also get updated.

    My concern is why the zone record is not getting appended to the named.conf file at the slave server.

    Is there anything I am missing in the configuration?


    I am pasting the steps which I have followed to configure my master and slave servers.

    ================================================================
    Configure Bind as master and slave server
    Install Bind on your server:
    yum install bind
    OR
    sudo apt-get install bind9
    Generate the RNDC key using the command:
    rndc-confgen -a -k rndc-key
    It will be stored in the /etc/rndc-key file.
    Master Server IP 192.168.0.1
    Slave Server IP 192.168.1.1
    Master Server Configuration
    ========================
    options
    {
        query-source port 53;
        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";
        allow-transfer { 192.168.1.1; }; # this ip address is for ns2 server so ns1 will transfer all zones to ns2
        allow-notify { trusted; };
        allow-recursion { trusted; };
    };
    //### added rndc-key into named.conf ###
    key "rndc-key" {
        algorithm hmac-md5;
        secret "ceGhT/EC/dmxTPChlxmBMw==";
    };
    acl "trusted" {
        192.168.1.1; // IP address of the slave name server
    };
    controls {
        inet 127.0.0.1 port 953
            allow { 127.0.0.1;192.168.1.1; } keys { "rndc-key"; };
    };
    view "external"
    {
        /* This view will contain zones you want to serve only to "external" clients
         * that have addresses that are not on your directly attached LAN interface subnets:
         */
        match-clients { any; };
        match-destinations { any; };
        recursion no;
        // you'd probably want to deny recursion to external clients, so you don't
        // end up providing free DNS service to all takers
        allow-query-cache { any; };
        // Disable lookups for any cached data and root hints
        zone "yourdomainname.com" in {
            allow-transfer { 192.168.1.1; };
            type master;
            file "/var/named/yourdomainname.com.db";
        };
    };
    Slave Server Configuration
    ==================
    options
    {
        // Those options should be used carefully because they disable port
        // randomization
        //query-source port 53;
        // query-source-v6 port 53;
        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";
        allow-transfer { 192.168.0.1; }; # this ip address is ns1 ip address
        transfer-format many-answers;
        notify no;
        //allow-recursion { trusted; };
        recursion no;
    };
    key "rndc-key" {
        algorithm hmac-md5;
        secret "ceGhT/EC/dmxTPChlxmBMw==";
    };
    acl "trusted" {
        192.168.0.1;192.168.1.1;127.0.0.1; // IP address of the name servers
    };
    controls {
        inet 127.0.0.1 port 953
            allow { 127.0.0.1;192.168.0.1; } keys { "rndc-key"; };
    };
    view "external"
    {
        /* This view will contain zones you want to serve only to "external" clients
         * that have addresses that are not on your directly attached LAN interface subnets:
         */
        match-clients { any; };
        match-destinations { any; };
        recursion no;
        // you'd probably want to deny recursion to external clients, so you don't
        // end up providing free DNS service to all takers
        allow-query-cache { any; };
        // Disable lookups for any cached data and root hints
        // all views must contain the root hints zone:
        // These are your "authoritative" external zones, and would probably
        // contain entries for just your web and mail servers:
        zone "yourdomainname.com" in {
            type slave;
            file "/var/named/yourdomainname.com.db";
            masters {192.168.0.1;};
            allow-transfer { 192.168.0.1;};
        };
    };
    ================================================================

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    What OS are you running and are you running named in a chroot env.?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined! pratapsingh's Avatar
    Join Date
    Feb 2009
    Posts
    82
    I am using CentOS.
    cat /etc/redhat-release
    CentOS release 5.5 (Final)

    No, it is not chroot.

  5. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Sorry, it is getting late here so I'm doing this from memory. Might be a few mistakes in the following but you should be able to give it a try and see if it works.

    Code:
    options {
      directory "/var/named";
      dump-file "data/cache_dump.db";
      statistics-file "data/named_stats.txt";
      memstatistics-file "data/named_mem_stats.txt";
      version "not currently available";
      allow-notify { 192.168.0.1; };  // accept NOTIFY only from the master
      allow-transfer { none; };       // no zone transfers unless a zone allows them
      recursion no;
    };
    
    key "rndc-key" {
      algorithm hmac-md5;
      secret "ceGhT/EC/dmxTPChlxmBMw==";
    };
    
    view "external" {
      zone "yourdomainname.com" in {
        type slave;
        file "/var/named/yourdomainname.com.db";
        masters { 192.168.0.1; };
        allow-transfer { 192.168.0.1; };
      };
    };
    You could always look HERE for information on configuring bind

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #5
    Just Joined! pratapsingh's Avatar
    Join Date
    Feb 2009
    Posts
    82
    I have the same entry as you suggested.
    zone "yourdomainname.com" in {
        type slave;
        file "/var/named/yourdomainname.com.db";
        masters {192.168.0.1;};
        allow-transfer { 192.168.0.1;};
    };


    But my concern is: if I am adding a new DNS record for a new domain on my master server, then why is the slave server's named.conf file not getting updated with the zone entry for that domain name? Once I edit the slave server's named.conf file manually, add the zone entry for the newly registered/created domain and reload named, the db files get created without any issue.

    The rest works fine after that. Again, I am asking here why zone records are not getting appended to named.conf at the slave server when I add a new domain name at the master server.

  7. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by pratapsingh View Post
    But my concern is: if I am adding a new DNS record for a new domain on my master server, then why is the slave server's named.conf file not getting updated with the zone entry for that domain name?
    Are we talking zone records or a new zone file altogether here?

    If you are talking about adding a new zone, i.e., mydomain2.com, to the master, then you must update the slave conf for it to know about it. This is not an automatic process. The reason behind this is because some people want certain zones on certain servers and not others.

    Now if you have mydomain2.com on both servers and you are updating the records in that zone then you have to increment the serial number so that the slave knows the file has changed.


    Once I edit the slave server named.conf file manually and add the zone entry for the newly registered/created domain and reload named then db files are getting created without any issue.
    And that is the way it is supposed to work.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  8. #7
    Just Joined! pratapsingh's Avatar
    Join Date
    Feb 2009
    Posts
    82
    Thanks for your reply.

    Is there any way I can automate the update of zones in the named.conf file at the slave server?

    Because it's an overhead process to do it manually all the time.

  9. #8
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    In Bind, no, not that I am aware of. Your only option would be to write a script for adding and deleting zones and have it automatically update both master and slave.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted
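
    A sketch of the kind of script suggested in the last reply, added here as an example and not written by anyone in the thread: it reads the master's named.conf text, finds `type master` zones with no stanza on the slave, and emits slave stanzas for them. The function names, the sample configuration text and the `mydomain2.com.db` path are constructed for illustration; zone names are validated before being written because they end up inside named.conf and a file path.

```python
import re

# Constructed sample input: the master's "external" view from the first post plus
# a newly added zone (mydomain2.com) that has no stanza on the slave yet.
MASTER_CONF = '''
view "external" {
    zone "yourdomainname.com" in {
        allow-transfer { 192.168.1.1; };   // nested braces must be skipped
        type master;
        file "/var/named/yourdomainname.com.db";
    };
    zone "mydomain2.com" in { type master; file "/var/named/mydomain2.com.db"; };
    zone "." in { type hint; file "named.ca"; };
};
'''
SLAVE_CONF = 'zone "yourdomainname.com" in { type slave; masters { 192.168.0.1; }; };'
COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
ZONE_HEAD = re.compile(r'\bzone\s+"([^"]+)"\s*(?:in\s*)?\{', re.I)
# Strict hostname syntax: the name lands in named.conf and in a file path.
NAME_OK = re.compile(r'^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$')

def zones(conf, ztype=None):
    """Zone names found in named.conf text, optionally only those of one type."""
    conf, found = COMMENTS.sub('', conf), []
    for m in ZONE_HEAD.finditer(conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):      # walk to the zone's closing brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        body = conf[m.end():i - 1]
        if ztype is None or re.search(rf'\btype\s+{ztype}\s*;', body):
            found.append(m.group(1).lower())
    return found

def slave_stanza(zone, master_ip='192.168.0.1'):
    """Slave stanza for one zone; rejects names with quotes, slashes or braces."""
    if not NAME_OK.match(zone):
        raise ValueError(f'refusing unsafe zone name: {zone!r}')
    return (f'zone "{zone}" in {{\n    type slave;\n    file "/var/named/{zone}.db";\n'
            f'    masters {{ {master_ip}; }};\n}};\n')

def missing_on_slave(master_conf, slave_conf):
    """Master zones that have no stanza on the slave yet."""
    have = set(zones(slave_conf))
    return [z for z in zones(master_conf, 'master') if z not in have]

if __name__ == '__main__':
    for name in missing_on_slave(MASTER_CONF, SLAVE_CONF):
        print(slave_stanza(name), end='')
```

    The generated stanzas belong inside the slave's `view "external"` block, and running `named-checkconf` on the result before reloading named catches a broken file.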
