Slave DNS server zone trasnsfering after 30 min

rameshk_tvm · 11-03-2009, 11:25 PM

Hi,

I have setup a DNS server using bind and enabled View setting on this. I configured with 3 views in master and slave. Also configured 3 IP address aliases in slave server and configured. Everything is fine but the problem is out of 3 Views 2 are getting updated within 2 min but the 3rd view will get update on after 30 min. Please find the below configurations and please advise what changes I need to make to get update all the views soon.

Master server Named.conf file.

acl internal {
192.168.30.0/24;
};

acl intranet {
192.168.20.0/24;
};

view "internal"
{ match-clients { !192.168.30.253; !192.168.30.251; internal; };

zone "." {
type hint;
file "internal/named.ca";
};

zone "test.org" {
type master;
file "internal/db.test.org";
allow-transfer { 192.168.30.247; };
allow-update { none; };
notify yes ;
};

};

view "intranet"
{ match-clients { !192.168.30.253; !192.168.30.247; intranet; };

zone "." {
type hint;
file "intranet/named.ca";
};

zone "test.org" {
type master;
file "intranet/db.test.org";
allow-transfer { 192.168.30.251; };
allow-update { none; };
notify yes ;
};

};

view "any"
{ match-clients { any; };

zone "." {
type hint;
file "any/named.ca";
};

zone "test.org" {
type master;
file "any/db.test.org";
allow-transfer { 192.168.30.253; };
allow-update { none; };
notify yes ;
};

};

=============

Slave server named.conf file

acl internal {
192.168.30.0/24;
};

acl intranet {
192.168.20.0/24;
};

view internal {
match-clients { internal; };

zone "." IN {
type hint;
file "internal/named.ca";
};
zone "test.org" {
type slave;
masters {192.168.30.238; };
transfer-source 192.168.30.247;
file "internal/secondary/db.test.org";
};
};

view intranet {
match-clients { intranet; };

zone "." IN {
type hint;
file "intranet/named.ca";
};
zone "test.org" {
type slave;
masters {192.168.30.238; };
transfer-source 192.168.30.251;
file "intranet/secondary/db.test.org";
};
};

view any {
match-clients { any; };

zone "." IN {
type hint;
file "any/named.ca";
};
zone "test.org" {
type slave;
masters {192.168.30.238; };
transfer-source 192.168.30.253;
file "any/secondary/db.test.org";
};
};

===================

Please help me as this is urgent and I need to give my report to soon. I am searching for a solution long time.

Ram.

bertl · 11-04-2009, 11:15 AM

Have you considered using also-notify?

IIRC 'notify yes;' only notifies slaves that are mentioned in the zone file, while 'also-notify { 192.168.30.247; list; of; slaves; };' will notify them whether or not they are mentioned in the zone file.

-Bert

rameshk_tvm · 11-05-2009, 11:44 AM

Thank you Bert.

yes I have included also-notify in my named.conf file with all slave servers. But still the result is same. Is there any think like do I need to configure 2 more IP address in Master and and spacify same in slave ?? I am not sure just a guess..

please advise.

bertl · 11-05-2009, 01:08 PM

I think you only need to make sure that the slaves accept notifications (from the master) and that the master sends them notifies, and allows transfers to be pulled from them.

If that's all set, have a look in the logs, to see that

1. those notifies get sent
2. they are received on the slaves
3. the slaves try and do a transfer after notify
4. the transfer actually works.

Since you indicated that transfers do happen, but much later, it seems to me that the notifies either don't get sent or aren't received.

Is there a firewall between the master and the slave that doesn't seem to receive notifies? I would carefully check the logs on both sides, and possibly do a tcpdump on both ends to see what leaves and what comes in.

If I remember correctly notifies are usually sent as udp/53 packets, while transfers usually happen over tcp/53.

Try

Code:

tcpdump -nnvvvi eth0 port 53

if you suspect network / firewall issues, will you show you both tcp and udp packets, and tcpdump understands DNS well enough to give a clue what is happening. You could filter per host ('and host <the-other-end>') if there is too much DNS traffic to see anything useful.

Totally different thing: make sure the slave doesn't think it has a more up to date version of the zone file. The notify stuff only works, I think, if you up the version number of the master zone file, and it is higher than that on the slaves. Shouldn't be the case since you do see the transfers eventually.

-Bert

rameshk_tvm · 11-06-2009, 11:44 AM

Thank you again Bert...

I checked the logs and from master I can see the notify is sending to slave and slave receives the nofity and updating the zone is up to date.

And the Happy news is I have resolved the issue today by adding multiple IP addressess in MAster and Slave. So this will communicate one to one...

I followed the below link and finally all zones are get updated and transferred zones.

Thanks a lot Mark, who was answered this question in google group.

http://groups.google.com/group/comp....f6788343124214

I really appreciate your prompt comments Bert, on my question and the method of troubleshoot.

Regards,
Ram.