LinuxQuestions.org
Old 05-25-2012, 04:54 AM   #1
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Rep: Reputation: 1
replication between primary DNS and secondary DNS issue


hi,

I configured bind on RHEL 6 and it is running fine. Later I configured a secondary DNS on another RHEL 6 system; after restarting named on the secondary DNS, the zone files were transferred automatically and it was great. But whenever I add a new entry on the primary DNS, it is not replicated until I do it manually on the secondary DNS as below

rndc reload mydomain.com

or else I simply delete the forward and reverse zone files in /var/named/slaves/

and restart the named service; then both zone files are reloaded with the updated records.

I changed the ; refresh option to 1 min on the slave DNS, so that it checks for updates every minute.

Do I need to increase the ; serial count every time I edit zone files, or will it be increased automatically?

I also manually increase the ; serial after editing zone files, but it is not being updated automatically...

Please help me.
 
Old 05-25-2012, 06:41 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,955

Rep: Reputation: 1341
Quote:
Do i need to increase ; serial count every time i edit zone files, or it will be increased automatically ???
Of course you have to increase serial after editing a zone file in master and reload bind


Quote:
i also manually increase ; serial after editing zone files but not being updated automatically...
Check the logs to see if the master sends notifies to slave(s).
Maybe posting named.conf could help also.

Regards

Last edited by bathory; 05-25-2012 at 06:45 AM. Reason: typo
 
Old 05-25-2012, 03:19 PM   #3
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
hi bathory,

How are you doing? Hope you remember, it's me, subbarao ganeshna; I had jermy change my username recently. I have personal reasons.... Anyway, nice to see your reply, thanks for that. I don't go to the office for the next two days, so I can't send you named.conf. I think there was no error, checked with named-check; I'll send it to you anyway. Thanks for the first answer. I'll increase it every time from now on. Coming to the second line,
Quote:
Check the logs to see if the master sends notifies to slave(s).
Do I need to edit the ;refresh settings for the master also?

When I was googling I came across one thing: if we set up rndc and edit something in /etc/rndc.conf... we don't have to restart named every time the master DNS gets updated. What is it?

thank you.
 
Old 05-25-2012, 04:55 PM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,955

Rep: Reputation: 1341
Hi.

Quote:
I think there was no error, checked with named-check; I'll send it to you anyway.
I didn't say there is an error in your config. You may have a "notify no" in master's named.conf, so it doesn't send notifies to slave(s).


Quote:
do i need to edit ;refresh settings for master also ?
Don't get what you mean. Notifies are sent automatically by default when a zone is changed in master.
Anyway, the procedure when editing a zone file in master is the following:
1. Do your edits in the zone file
2. Increase the serial
3. Restart bind (or just reload the zone using rndc)

Quote:
if we set up rndc and edit something in /etc/rndc.conf... we don't have to restart named every time the master DNS gets updated. What is it?
That's what I've said above. If rndc is configured correctly, you can use:
Code:
rndc reload zone
to reload the zone and send notifies.

Regards
 
Old 05-26-2012, 10:30 AM   #5
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
hi bathory,

thanks for clarifying me

Quote:
Do your edits in the zone file
Increase the serial
Restart bind (or just reload the zone using rndc)
Today I tried configuring master and slave at home. It worked fine; I think I changed just one thing, that is:

in the zone file, I added an NS record for the slave on the master DNS server, which I didn't in my office, where I only added an A record for the slave.

I just want to let you know that when I try it, the rndc reload zone command fails on the master zone; if I use rndc reload it says command successful, reloaded zones, but DNS is not resolving the newly added record. It works only after restarting the named service. Anyway, thank you. I'm sorry I didn't get you.

Quote:
I didn't say there is an error in your config. You may have a "notify no" in master's named.conf, so it doesn't send notifies to slave(s).
Here are my files

Quote:
zone "gil.net" IN {
type master;
file "for.zone";
allow-update { 192.168.85.9; };
};

zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

zone "85.168.192.in-addr.arpa" IN {
type master;
file "rev.zone";
allow-update { 192.168.85.9; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
slave dns

Quote:
zone "gil.net" IN {
type slave;
file "slaves/for";
masters {192.168.85.8;};
allow-update { none; };
};

zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};

zone "85.168.192.in-addr.arpa" IN {
type slave;
file "slaves/rev";
masters {192.168.85.8;};
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
Forward zone files

MASTERS

Quote:
$TTL 1D
@       IN SOA  server1.gil.net. root.server1.gil.net. (
                1004    ; serial
                1M      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   server1.gil.net.
        IN NS   server2.gil.net.
server1 IN A    192.168.85.8
server2 IN A    192.168.85.9
subbu   IN A    192.168.85.112

Forward zone SLAVES

Quote:
$ORIGIN .
$TTL 86400      ; 1 day
gil.net         IN SOA  server1.gil.net. root.server1.gil.net. (
                        1004       ; serial
                        60         ; refresh (1 minute)
                        3600       ; retry (1 hour)
                        604800     ; expire (1 week)
                        10800      ; minimum (3 hours)
                        )
                NS      server1.gil.net.
                NS      server2.gil.net.
$ORIGIN gil.net.
server1         A       192.168.85.8
server2         A       192.168.85.9
subbu           A       192.168.85.112
I set the refresh interval to 1M on the master and the same was replicated to the slave. Is that correct, or should I add 1M on the slave? Because if I edit the slave zone file, it gets changed after every update from the master. That's why I set the refresh interval in the primary zone file. Am I correct?

One thing is that I didn't find any notify yes entry in the /etc/named.rfc1912.zones file. It is working fine without it. Anyway, please check my config files and suggest what else I should do to make sure primary records get replicated to the slave DNS.

thank you very much for your time bathory...

 
Old 05-26-2012, 12:52 PM   #6
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,955

Rep: Reputation: 1341
Hi,

Quote:
Today I tried configuring master and slave at home. It worked fine; I think I changed just one thing, that is:

in the zone file, I added an NS record for the slave on the master DNS server, which I didn't in my office, where I only added an A record for the slave.
That explains everything. Master sends notifies by default to the nameservers listed in the zone NS records, unless there is an "also-notify ..." statement that adds additional servers that need to be notified. And of course you need to list all the NS RRs in a zone file.


Quote:
I just want to let you know that when I try it, the rndc reload zone command fails on the master zone; if I use rndc reload it says command successful, reloaded zones, but DNS is not resolving the newly added record. It works only after restarting the named service.
You should replace zone with the actual zone name, e.g.
Code:
rndc reload example.com
You can also use just "rndc reload", where rndc scans all zone files and reloads only those changed.


Quote:
I set the refresh interval to 1M on the master and the same was replicated to the slave. Is that correct, or should I add 1M on the slave? Because if I edit the slave zone file, it gets changed after every update from the master. That's why I set the refresh interval in the primary zone file. Am I correct?
It's fine for testing, but in normal operation you should increase it (1d is good)


Quote:
One thing that is i didnt find any notify yes entry in /etc/named.rfc1912.zones file.
This is normal, as the default is "notify yes"

Regards
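
The behaviour described in this post, as an added example that is not part of the original thread: a Python check that reads a zone file, lists which name servers the primary notifies by default (the NS records minus the SOA MNAME), and applies the RFC 1982 serial comparison a secondary uses to decide whether to transfer. The zone text is constructed from the gil.net zone posted above; the "office" variant without the second NS record and the function names are assumptions for illustration.

```python
import re

# Constructed zone text modelled on the thread's gil.net zone. The "office"
# variant omits the NS record for the secondary, as the poster described.
ZONE_HOME = """\
$TTL 1D
@ IN SOA server1.gil.net. root.server1.gil.net. (
        1004 ; serial
        1M   ; refresh
        1H   ; retry
        1W   ; expire
        3H ) ; minimum
    IN NS server1.gil.net.
    IN NS server2.gil.net.
server1 IN A 192.168.85.8
server2 IN A 192.168.85.9
"""
ZONE_OFFICE = ZONE_HOME.replace("    IN NS server2.gil.net.\n", "")


def parse_zone(text):
    """Return (mname, serial, ns_names) from a simple master-file zone."""
    body = re.sub(r";[^\n]*", "", text)  # strip comments
    soa = re.search(r"\bSOA\s+(\S+)\s+\S+\s*\(\s*(\d+)", body)
    if soa is None:
        raise ValueError("no SOA record found")
    ns = re.findall(r"\bNS\s+(\S+)", body)
    return soa.group(1).lower(), int(soa.group(2)), [n.lower() for n in ns]


def notify_targets(text):
    """Servers notified by default: NS names minus the SOA MNAME."""
    mname, _, ns = parse_zone(text)
    return sorted(set(ns) - {mname})


def serial_newer(primary, secondary):
    """RFC 1982 comparison on 32-bit serials: is primary ahead of secondary?"""
    diff = (primary - secondary) % 2**32
    return 0 < diff < 2**31


if __name__ == "__main__":
    for label, zone in (("home", ZONE_HOME), ("office", ZONE_OFFICE)):
        print(label, "notify ->", notify_targets(zone) or "nobody")
    # A secondary still holding serial 1003 (constructed value) would transfer;
    # one already at 1004 would not, which is why the serial must be increased.
    print(serial_newer(1004, 1003), serial_newer(1004, 1004))
```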
 
Old 05-26-2012, 02:59 PM   #7
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
hi,

Thanks for your help. Now I'm clear that

1. An NS record for the slave DNS is a must on the master DNS, for the master to know that there is another DNS server and it should send notifications...

2. "notify yes;" is the default even if it's not mentioned in /etc/named.rfc1912.zones, isn't it?

Is it necessary to add "notify yes;"

Quote:
zone "gil.net" IN {
type master;
file "for.zone";
allow-update { 192.168.85.9; };
notify yes;
};


i'll change refresh interval to One day...

Thank you very much .

Last edited by Gil@LQ; 05-26-2012 at 03:01 PM.
 
Old 05-26-2012, 04:01 PM   #8
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
Quote:
Originally Posted by Gil@LQ
hi,

Thanks for your help. Now I'm clear that

1. An NS record for the slave DNS is a must on the master DNS, for the master to know that there is another DNS server and it should send notifications...
2. "notify yes;" is the default even if it's not mentioned in /etc/named.rfc1912.zones, isn't it?
Is it necessary to add "notify yes;"

Code:
zone "gil.net" IN {
type master;
file "for.zone";
allow-update { 192.168.85.9; };
notify yes;
};
i'll change refresh interval to One day...
Thank you very much .
Hi,

It doesn't hurt if you add "notify yes", for testing TTL 1M is OK, when you're sure it's working, again change serial number and increase to 1D,
and maybe you could add "allow-transfer" to the zone
Quote:
allow-transfer { address_match_list }; Specifies an ACL on who can receive a zone transfer from this server. The default is any.
Example:
Code:
zone "toddgarrison.org" IN {
 type master;
 file "toddgarrison.org.signed";
 allow-update { none; };
 allow-query { any; };
 allow-transfer { 1.2.3.254; };
 notify yes;
};
list your Secondary DNS IP to allow transfer of zone record.

What caught my eye is your allow-update line,
which I don't use, and I'm afraid if you're using it on your Master DNS server it might be a problem. I would remove it!

Last edited by lithos; 05-26-2012 at 04:13 PM.
 
Old 05-27-2012, 06:19 AM   #9
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
hi lithos,

so you say zone file configuration for Master & Slaves should look like this ???

MASTER DNS

Quote:
zone "gil.net" IN {
type master;
file "for.zone";
allow-update { none; };
allow-transfer { <slave dns IP>; };
notify yes;
};

SLAVE DNS
Quote:
zone "gil.net" IN {
type slave;
file "slaves/for.zone";
allow-update { <Master DNS IP>; };
masters { <Master DNS IP> ;};
};
is it fine, just give me final zone configuration.

though i mentioned allow update in MASTER DNS server, my dns servers are working fine.

One thing is, if I add allow-update (master DNS IP); in the slave DNS file and use the named-checkconf command, I get an error.

Quote:
[root@server2 ~]# named-checkconf /etc/named.rfc1912.zones
/etc/named.rfc1912.zones:17: option 'allow-update' is not allowed in 'slave' zone 'gil.net'
/etc/named.rfc1912.zones:36: option 'allow-update' is not allowed in 'slave' zone '85.168.192.in-addr.arpa'
i removed the line and working fine. just give me final thing for master and dns...


thank you.

Last edited by Gil@LQ; 05-27-2012 at 07:48 AM.
 
Old 05-27-2012, 10:02 AM   #10
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
Hi Gil@LQ,

Yes,

your zones are correct, just delete the line "allow-update" and you're ok.

Here are my configurations:

Master zone:
Code:
zone "example.com" in {
notify yes;
type master;
file "master/db.example.com";
allow-transfer { secondary_dns_ip; };
allow-query { any; };
};
secondary zone:
Code:
zone "example.com" in {
type slave;
file "slave/db.example.com";
masters { master_DNS-IP; };
allow-query { any; };
};
and the domain config:
db.example.com
Code:
; Start of Authority (SOA) records.
$ORIGIN example.com.
$TTL 6H
@       IN              SOA  ns.primarydns.com. info.primarydns.com.  (
                                          2011010101  ; Serial
                                          4H       ; Refresh
                                          1H        ; Retry
                                          1W      ; Expire
                                          6H )     ; TTL

; Name Server (NS) records.
                            IN              NS   ns.primarydns.com.
                            IN              NS   ns.secondarydns.com.

; Mail Exchange (MX) records.
example.com.    IN          MX   10 mail.example.com.


; Address (A) records.
example.com.               IN      A       19.18.13.22
mail                    IN      A       19.18.13.22
www                     IN      A       19.18.13.22

; Aliases in Canonical Name (CNAME) records.
Marked TTL 6H values must be the same!

Last edited by lithos; 05-27-2012 at 10:08 AM.
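
An added example, not from any poster in this thread: a Python audit of named.conf zone stanzas for the points raised above (allow-update by address on the primary, allow-update in a slave zone as named-checkconf reports, and a missing allow-transfer, whose default the quoted documentation gives as any). The sample configuration is constructed from the stanzas in the thread, 192.0.2.53 is a placeholder address, the function names are assumptions, and the parser handles only simple stanzas like these.

```python
import re

# Constructed named.conf fragment built from the stanzas posted in the thread;
# 192.0.2.53 is a placeholder secondary address.
SAMPLE = '''
zone "gil.net" IN {
    type master;
    file "for.zone";
    allow-update { 192.168.85.9; };
};
zone "85.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/rev";
    masters { 192.168.85.8; };
    allow-update { 192.168.85.8; };
};
zone "example.com" in {
    type master;
    file "master/db.example.com";
    allow-transfer { 192.0.2.53; };
};
'''

ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;', re.I)
OPT_RE = re.compile(r'([\w-]+)\s+(\{[^{}]*\}|[^;{}]+)\s*;')


def parse_zones(conf):
    """Map zone name -> {option: value}; ACL values become lists of elements."""
    conf = re.sub(r'(#|//)[^\n]*|/\*.*?\*/', '', conf, flags=re.S)
    zones = {}
    for name, body in ZONE_RE.findall(conf):
        opts = {}
        for key, val in OPT_RE.findall(body):
            val = val.strip()
            if val.startswith('{'):
                val = [e.strip() for e in val[1:-1].split(';') if e.strip()]
            opts[key.lower()] = val
        zones[name] = opts
    return zones


def audit(conf):
    """Return sorted (zone, finding) pairs for the issues raised in the thread."""
    findings = []
    for name, o in parse_zones(conf).items():
        kind = o.get('type', '')
        upd = o.get('allow-update')
        if kind == 'slave' and upd is not None:
            findings.append((name, 'allow-update not allowed in slave zone'))
        if kind == 'master':
            if upd and upd != ['none']:
                findings.append((name, 'dynamic updates allowed by address ACL'))
            if 'allow-transfer' not in o:
                findings.append((name, 'no allow-transfer in this zone stanza'))
            if o.get('notify') == 'no':
                findings.append((name, 'notify no: secondaries wait for refresh'))
    return sorted(findings)
```

The audit looks only at zone stanzas, so an allow-transfer set in the global options block is not seen; run named-checkconf as well for the syntax checks it already performs.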
 
Old 05-27-2012, 03:28 PM   #11
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
Thanks you lithos for your time and clarifying me.

thank you very much.
 
  

