DNS not replicating
I have two DNS servers using the named service.
The primary server is sitting in a different location and on a different subnet. The slave server is in another location with a different subnet. This all worked well, replicating to each other, until this week. For some reason the slave server won't update its records any more from the primary, which is causing some entries to be unable to resolve in the location where the slave server is housed. I have restarted the service on both servers but it still would not replicate. I made sure that permissions were also correct by comparing both servers side by side. Any other possible ways to resolve this issue? Please advise. Thanks, DB
Not a networking question, moved to Linux - Server.
Please test whether it is possible to complete a "Zone Transfer" operation from the primary server to the secondary one. On the secondary server run:
Code:
dig @ip-address-primary-server your-domain-here AXFR
PS: Check if the NS record has the right address, especially for the secondary server.
This particular record seems not to replicate for some reason. This is a server called csaaqa22.csaa.com, 10.10.1.23, an A record, but it is not showing in the slv DNS server. Any idea why this is happening? Thanks!
I saw this in the log:
Code:
client 10.10.1.134#53: updating zone 'csaa.com/IN': update failed: not authoritative for update zone (NOTAUTH)
Also it looks like it is loading an old version of the file into the slv DNS server instead of the new version I just edited (20090715):
Code:
Jul 15 10:59:19 dnssrv01.csaa.com named[19050]: zone csaa.com/IN: loaded version 20090710
Do you think this might be the issue?
And what is the output when you ask the same of the secondary server, on the secondary server?
Code:
secondary# dig @primary-ip-address your.domain AXFR
Also, you can test/use another tool to help you debug your setup. It is "rndc". This program "talks" directly to the name server and it can be used to force a synchronization. Look at how a typical successful synchronization process looks from the secondary (serverb):
Code:
[root@serverb ~]# rndc -V refresh mydomain.com.br
Still, sync won't work between servers. I also did an rndc reload and refresh. Should that take effect right away, or do I have to wait for it to sync successfully?
What happens if I rename the slv records in the secondary DNS server to ***.com.old on all of them?
Will it reload new files from the primary if it didn't find files in there?
We need to be sure that there is a "network path" between the two servers, as far as DNS is concerned.
This is why the command "dig @primary-ip-address your.domain AXFR" issued on the secondary is so important. Make sure to use the right IP address of the primary server and check the serial. With the serial you got from the primary server, check it against the serial on the secondary (either using a similar command - dig @secondary-ip-address your.domain AXFR - or by inspecting the file.db in /var/named...). It is important to repeat the test, this time on the primary, to check the connectivity in both directions. Without the test I can't say much more....
And answering your question: yes, it SHOULD take effect right away (at least within a few seconds), unless there is some problem, which probably is the case. :(
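As an added example (not code from this thread), a small POSIX shell script that applies the serial check above offline: it parses captured `dig ... AXFR` output from both servers, confirms each transfer actually completed, extracts the SOA serial and reports whether the secondary is stale. The dig outputs are constructed samples mirroring the poster's serials (20090715 on the primary, 20090710 on the secondary); the server addresses 10.10.1.10 and 10.10.1.20 are assumed.

```shell
#!/bin/sh
# Added example, not from the thread. Works on captured `dig ... AXFR` output
# so it runs offline; for a live check replace the constants with real output,
# e.g. PRIMARY_AXFR=$(dig @primary-ip your.domain AXFR).
# Constructed samples: primary at serial 20090715, secondary still at 20090710
# and missing the csaaqa22 A record. Server IPs 10.10.1.10/.20 are assumed.
PRIMARY_AXFR='; <<>> DiG 9.x <<>> @10.10.1.10 csaa.com AXFR
csaa.com.           86400 IN SOA dnssrv01.csaa.com. hostmaster.csaa.com. 20090715 3600 900 604800 86400
csaa.com.           86400 IN NS  dnssrv01.csaa.com.
csaaqa22.csaa.com.  86400 IN A   10.10.1.23
csaa.com.           86400 IN SOA dnssrv01.csaa.com. hostmaster.csaa.com. 20090715 3600 900 604800 86400'
SECONDARY_AXFR='; <<>> DiG 9.x <<>> @10.10.1.20 csaa.com AXFR
csaa.com.           86400 IN SOA dnssrv01.csaa.com. hostmaster.csaa.com. 20090710 3600 900 604800 86400
csaa.com.           86400 IN NS  dnssrv01.csaa.com.
csaa.com.           86400 IN SOA dnssrv01.csaa.com. hostmaster.csaa.com. 20090710 3600 900 604800 86400'
REFUSED_AXFR='; <<>> DiG 9.x <<>> @10.10.1.10 csaa.com AXFR
; Transfer failed.'

# The serial is the 7th field of an SOA line: name ttl IN SOA mname rname serial ...
soa_serial() {
    printf '%s\n' "$1" | awk '$4 == "SOA" { print $7; exit }'
}

# A completed AXFR ends with the SOA repeated; dig reports a refused transfer
# or a broken path (allow-transfer missing the secondary, 53/TCP blocked) as
# "; Transfer failed.", so a single SOA line is not a complete zone.
axfr_completed() {
    printf '%s\n' "$1" | grep -q 'Transfer failed' && return 1
    printf '%s\n' "$1" | awk '$4 == "SOA" { n++ } END { exit (n >= 2 ? 0 : 1) }'
}

# Does the transferred zone contain NAME ($2) with an A record of ADDR ($3)?
has_record() {
    printf '%s\n' "$1" | awk -v n="$2" -v a="$3" \
        '$1 == n && $4 == "A" && $5 == a { f = 1 } END { exit (f ? 0 : 1) }'
}

# Compare the serial from the primary ($1) with the one from the secondary ($2).
compare_serials() {
    if   [ "$1" -eq "$2" ]; then echo in-sync
    elif [ "$1" -gt "$2" ]; then echo secondary-stale
    else                         echo secondary-ahead
    fi
}

# Full check: both transfers must complete before the serials mean anything.
zone_status() {
    axfr_completed "$1" || { echo primary-transfer-failed; return; }
    axfr_completed "$2" || { echo secondary-transfer-failed; return; }
    compare_serials "$(soa_serial "$1")" "$(soa_serial "$2")"
}

echo "primary serial:   $(soa_serial "$PRIMARY_AXFR")"
echo "secondary serial: $(soa_serial "$SECONDARY_AXFR")"
echo "status: $(zone_status "$PRIMARY_AXFR" "$SECONDARY_AXFR")"
```

With the sample data the script reports secondary-stale, which is exactly the symptom in this thread: the secondary still serves the old serial, so records added on the primary (here csaaqa22) never appear on it.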
Just make sure "/etc/named.conf" has an entry like this:
Code:
zone "your-domain." IN {
I think I have resolved this issue!
It turned out to be a file/dir permissions issue. I issued a chmod on the named dir to 775 and cleaned up old records that my former colleague had put in, which did the trick for me. Now it is loading the new serial for the records. Thanks to all who posted! :)