LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-30-2006, 10:02 AM   #1
quackking
LQ Newbie
 
Registered: Feb 2004
Distribution: mandrake 9.2+
Posts: 19

Rep: Reputation: 0
BIND Slave server never gets zone transfer from master. HELP!!


Hi. This is sort of complicated and I have no idea why it isn't working - please read all the way through! BIND gurus -- HELP HELP HELP!!!

I have a BIND 9.3.1 server running on a Mandriva 2006.0 box. Until yesterday this server was a secondary for about 40 domains - the primary server for these domains was a (yuck) WIndows NT box running the elderly version of MS's DNS.

It worked fine; zone transfers from the NT box to the Mandriva box occurred normally as per schedule.

Yesterday the NT box died a horrible hard-disk death. I have converted the zones on the Mandriva (BIND) box to be master zones, and have made the appropriate changes at the registrar to point to the Mandriva box as primary.

I have another box on a different network which I have set up (I thought, correctly!) to act as the new secondary. This new secondary is running Ubuntu 6.06.1 LTS, and is using Bind 9.3.2.

Here's the problem: When I set up a slave zone on the Ubuntu box and point to the Mandriva box as master, the zone never gets transferred. I am using Webmin 1.290 on both Linux boxes to manage BIND. Also, I am storing the hosts files for BIND in files named "/var/named/domain.com.hosts" as opposed to under /etc. /var/named is 40775, owned by root.bind. I can manually copy files from the master DNS server to the slave DNS server, and the slave will work fine. However if I use Webmin's "FORCE UPDATE" button on the slave, it eventually leaves messages in the Bind log (I have that set to /var/log/bind_info) like this:

30-Aug-2006 10:41:23.408 general: info: zone testdomain.com/IN: Transfer started.
30-Aug-2006 10:44:32.418 xfer-in: error: transfer of 'testdomain.com/IN' from 66.105.94.248#53: failed to connect: timed out
30-Aug-2006 10:44:32.418 xfer-in: info: transfer of 'testdomain.com/IN' from 66.105.94.248#53: end of transfer

I temporariy have IPTABLES on both machines set up to allow unblocked traffic (both UDP and TCP) on ports 53 and 953.

The files on the slave in /var/named are 664.

I don't think that I have anything set re: dnssec - and I don't see anything in the log on the master server that indicates a security or auth failure.

I have the book "DNS and BIND" by O'Reilly, third edition, and I have read the whole thing three times.

Can somebody PLEASE give me a nice step-by-step guide to setting up the relationships necessary to make the slave transfer zones from the master?

HELP HELP HELP!!!
 
Old 08-30-2006, 10:44 AM   #2
doublejoon
Member
 
Registered: Oct 2003
Location: King George, VA
Distribution: RHEL/CentOS/Scientific/Fedora, LinuxMint
Posts: 366

Rep: Reputation: 44
Maybe create rndc keys

maybe this will help you http://www.howtoforge.com/debian_bin...r_slave_system
 
Old 08-30-2006, 12:54 PM   #3
quackking
LQ Newbie
 
Registered: Feb 2004
Distribution: mandrake 9.2+
Posts: 19

Original Poster
Rep: Reputation: 0
Hmm. It must be a permissions issue. Eventually the slave server log contains messages like this:

....could not set file modification time of '/var/named/testdomain.com.hosts': permission denied

I don't get it. The file is owned by bind:bind. On Ubuntu, the daemon 'named' is running as user 'bind' (confirmed by looking at "top" and also "running processes" in Webmin.) The permissions on the file are 664 (read/write by owner, read/write by group, read by others.) The permissions on the entire directory /var/named are 755 (read/write/execute by owner, read/execute by group, read/execute by others) , and that directory is also owned by bind:bind. I have emulated the perms from the (working) setup on the Mandriva machine (except that on that machine the user and group are 'named' not "bind".)

What have I done wrong here?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Tricks for performing a master -> slave zone/domain transfer from WIN2003 to Suse 10 zippie74 Linux - Networking 4 05-16-2006 01:50 AM
Bind Zone Transfer dafunk Linux - Networking 7 03-22-2006 07:21 PM
bind slave zone macadam Linux - Networking 3 03-03-2005 01:46 PM
Bind DNS Slave zone macadam Linux - Networking 2 03-02-2005 06:49 AM
Bind returns 0 answers on the zone it is set to be master on Timur Sakayev Linux - Networking 2 12-29-2004 08:46 AM


All times are GMT -5. The time now is 06:12 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration