DNS not replication to 2nd slave server

codenjanod · 11-02-2009, 07:22 AM

Hi All,

I am still learning about DNS but now I am sitting with a bit of a problem.
I have 3 DNS servers, running various OS's and various versions of BIND.
Primary DNS server:
Slackware 8.1 with BIND 9.2.1

Secondary DNS server 1:
Mandrake 10 with BIND 9.2.3rc2

Secondary DNS server 2:
CentOS 5.4 with BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5

Updates happen fine between the primary and 1st secondary server. (This system was inherited by me)
But updates does not reach the 2nd secondary server at all. (New server installed recently)

The logs on the primary server and 2nd secondary server shows no errors.
The "named" service starts up without any issues on the 2nd secondary server.
Iptables have been disabled on the 2nd secondary server.

The named.conf file for the primary and 1st secondary server is as follows:

Code:

options {
    directory "/etc/namedb";
        allow-recursion { 192.168.0.0/24; 10.8.0.0/24; 10.9.0.0/24; localhost; };
        allow-transfer { localhost; 196.15.5.6; 196.25.4.9; 196.37.174.39; };
        forwarders { 158.215.2.5; 196.16.236.6; };
        version "GoAway(TM) v 0.91";
        notify yes;
};

key "rndc-key" {
      algorithm hmac-md5;
      secret "xxxxxxxxxxxxxxxxxxxx";
};

controls {
      inet 127.0.0.1 port 953
      allow { 127.0.0.1; } keys { "rndc-key"; };
};
...
...
zone .....
.....

I basically copied the config from my 1st secondary server(the working one) to the 2nd secondary server, except for the "zone" entries and also none of the zone files.
The "named" service still start up without any issues.

The named.conf file for the 2nd secondary server is as follows:

Code:

options {
    directory "/var/named";
        allow-recursion { 192.168.0.0/24; 10.8.0.0/24; 10.9.0.0/24; localhost; };
        allow-transfer { localhost; 196.15.5.6; 196.25.4.9; 196.37.174.39; };
        forwarders { 158.215.2.5; 196.16.236.6; };
        version "GoAway(TM) v 0.91";
        notify yes;
};

key "rndc-key" {
      algorithm hmac-md5;
      secret "xxxxxxxxxxxxxxxxxxxx";
};

controls {
      inet 127.0.0.1 port 953
      allow { 127.0.0.1; } keys { "rndc-key"; };
};

The rndc keys are the same on all 3 the servers.
I checked with netstat and the "named" service is listening on the 2nd secondary server.

The only difference I can see is the directory entry between the 1st and 2nd secondary servers.
From my limited knowledge the zone entries and files should be pulled over.

Thanks for the help

bathory · 11-02-2009, 07:42 AM

Hi,

Make sure that you have added a NS record for the 2nd slave among the NS records for every zone the master is authoritative for.
You can check the log files, to see if the master sends notifies to the 2nd slave.

Regards