I've set up Bind9 on two Ubuntu servers, one a master and one secondary. If I create a new zone and then type RNDC Reload, it replicates the new zone immediately to the Slave.

However, if I just add or change an A record on the Master, it takes several hours to reflect the change on the secondary.

Can I change this interval somewhere, to immediate reflect the change?

Thanks-

That makes absolutely no sense.

First off, when you add a new zone to the master, rndc reload shouldn't propagate that "new" zone to the slave. BIND shouldn't be running as root, and only root should be able to modify named.conf, where zones are defined. You should have to manually add the name of the new zone to the secondary/slave's named.conf, and then it should pull the zone immediately. The only way around that I can see if by new "zone" you don't mean a fully new domain, but rather just a full zone file for a subdomain. By that I mean if you have a domain, exapmple.com, and you add a new subdomain nyc.example.com, but define nyc.example.com in its own zonefile, and have an include for it in the example.com zone, then what you are suggesting makes sense. But just to define a master for example2.com on the master and have it automatically added on the slave means something very odd is happening in Ubuntu land.

Secondly, it shouldn't take hours for your added A record to show on the slaves. It literally should be within 5 minutes max. When you change these zonefiles, are you remembering to update the serial number? You could add the notify or also-notify statement in a zone's definition, but by default both BIND 8 and 9 automatically do this. I just checked my logs on a slave, and when I updated a zone earlier today, (and incremented the serial number), the slave was notified within literally 2 seconds, and had the transfer made within 4 seconds of when I did rndc reload zonename.com on the master. If that is not happening for you, either your rndc config is off, your servers have trouble communicating, or the Ubuntu developers really tweaked out BIND, and though I don't use Ubuntu so I can't be sure, I doubt they did anything that severe.

Peace,
JimBass

Thanks for replying. What I'm saying is that if I create an entirely new zone on the master, then add the zone in the named.conf file on the slave, and then type "RNDC reload" on the slave, it appears immediately on the slave (the zone) without incrementing the serial number on the master.

I think that might be where I'm confused. The new zone propagates to the slave without incrementing the serial number by one on the master.
However, when I make an A record change on the master, it does not propagate for some time. I take that to mean that I always need to increment the serial number when I make an A record change, but not when I add a completely new zone???

What if I had 100 zones on the master, and I was changing A records on 50of them. Is that just a manual process of incrementing the 50 zones one by one? Seems a lot of work. Can it be automated?

Thanks again-

Ok, what you wrote now makes much more sense to me. If you manually add the slave zone to the named.conf, and then rndc reload, it will grab in within seconds. That is because as a new zone, it effectively has a serial number of 0. So any serial number (use the yyyymmddnn serial number, it makes life much simpler) on the master is newer (and greater) than 0, so it transfers immediately.

Yes, any time you make any change whatsoever to a zone file, you NEED to increment the serial number. A new zone that has any serial number will get moved across, and for existing zones, if you changed it today to be serial 2007102300, then you add an A record, make the serial 2007102301, the master will push that to the slaves literally within seconds. You want all your DNS servers in synch, giving the same data, and BIND does is super well. But yes, anytime you change any part of a zone, the serial number must go up, so BIND knows to push the change out.

Peace,
JimBass