LinuxQuestions.org
Old 01-23-2008, 04:06 PM   #1
sowell
LQ Newbie
 
Registered: Jul 2007
Posts: 18

Rep: Reputation: 0
transfer named.conf file from master to slave nameserver


Well, I've held out a long time on my first post but here it is. Is there an easy or somewhat easy way to transfer the etc/named.conf file from the master to the slave nameserver so that it won't error out when trying to send the db files themselves from the master to the slave? I've seen one bash script that does it but it looks OVERLY complicated for such an easy task. Any insight is extremely appreciated.
 
Old 01-23-2008, 04:30 PM   #2
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
It is extremely easy. You should be able to use scp, which is similar to the copy command, but run over ssh. Use scp to transfer the named.conf file from the master to your home directory on the slave. Then go in as your regular user, edit the file (remove all the master statements and replace them with slave), then become root, stop named, back up the old named.conf, bring in the new named.conf, change the ownership on it, start BIND and you're done.

A script could do it nicely, but if you're only talking about a few zones, it probably would take longer to do the script than just editing by hand.

Examples -

server 1, the master, has IP address 2.3.4.5. Server 2, the slave, has IP 2.3.4.6.

On server 1 -
Code:
scp /etc/bind/named.conf your_regular_user@2.3.4.6:/home/your_regular_user/
It will ask you for a password if your system does password authentication over ssh. Most don't (shouldn't).

Then ssh onto the slave

Code:
ssh 2.3.4.6
Edit named.conf in your home directory, changing all the master statements to slave, and provide the address of the master -

vim (or any editor you like) named.conf

What looks like:
Code:
zone "example.com" in {
        type master;
        file "example.com";
};
Should become:
Code:
zone "example.com" in {
        type slave;
        file "example.com";
        masters {2.3.4.5;};
};
Then stop BIND, copy the old named.conf to be safe, replace it with the new one, and restart. These commands are geared to Debian, but may well work on other distros as well. Put your distro in your profile, so we can give more specific instructions.

As root:
Code:
/etc/init.d/bind9 stop
mv /etc/bind/named.conf /etc/bind/named.conf.20080123
mv /home/your_regular_user/named.conf /etc/bind/named.conf
chown root:bind /etc/bind/named.conf
/etc/init.d/bind9 start
If you have things like rndc keys in the named.conf, then you'll just want to leave those as they are, and simply copy in the changed parts of the file. The rndc key from the master won't work on the slave, so don't screw that up. Also, Debian and a few other distros ship bind with 3 config files. Whereas named.conf used to include everything, they now split it into named.conf, named.conf.local, and named.conf.options. If you have a situation like that, all the zone changes should go in named.conf.local.

Peace,
JimBass

Last edited by JimBass; 01-23-2008 at 04:31 PM.
 
Old 01-23-2008, 05:04 PM   #3
sowell
LQ Newbie
 
Registered: Jul 2007
Posts: 18

Original Poster
Rep: Reputation: 0
I'm looking for a solution that requires no interaction from me whatsoever. This is something I want to cron and have run probably every 10 minutes or so. I have a couple of regexes written to change the masters/file lines in the config file:

Code:
perl -pi.bak -e 's/(file "slave.*)/$1\n\tmasters { ipaddr; };/' named.conf
My guess at this point would be that I would need to write a bash script that will do this for me, as there is no way to do it through bind/dns options/controls etc. AFAIR, scp will require me to enter a username and password every time the file is transferred so that would definitely be something I would need to add in. I obviously don't want to keep that information sitting in the script in plain text so I'm going to have to figure out a way around that.

I appreciate the detailed/quick response, thanks JimBass.

Sol
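
The stanza edit shown in post #2, automated as post #3 asks (an added example, not code from any poster in this thread). `master_to_slave` and `sample_conf` are hypothetical names; the function emits only the zones declared `type master`, rewritten as slave stanzas, so the master's rndc key and options never reach the slave. It assumes each closing `};` of a zone sits on its own line and any nested `{ }` stays on one line; the sample input is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. MASTER_IP defaults to the thread's
# example master address; master_to_slave and sample_conf are hypothetical names.
MASTER_IP="${MASTER_IP:-2.3.4.5}"

# Read a master's named.conf on stdin; write slave stanzas on stdout.
# Lines outside zone blocks (options, key, controls) are dropped, and zones
# that are not "type master" (hint, forward, ...) are skipped.
master_to_slave() {
    awk -v ip="$MASTER_IP" '
        /^[ \t]*zone[ \t]/ { in_zone = 1; is_master = 0; buf = "" }
        !in_zone { next }
        /^[ \t]*type[ \t]+master[ \t]*;/ { sub(/master/, "slave"); is_master = 1 }
        /^[ \t]*[}][ \t]*;/ {          # end of the zone stanza
            if (is_master)
                printf "%s        masters { %s; };\n%s\n", buf, ip, $0
            in_zone = 0
            next
        }
        { buf = buf $0 "\n" }
    '
}

# Constructed sample input (the key secret is a placeholder, not a real key).
sample_conf() {
    cat <<'EOF'
options {
        directory "/var/cache/bind";
};
key "rndc-key" {
        algorithm hmac-md5;
        secret "constructed-placeholder-not-a-key";
};
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
zone "example.com" in {
        type master;
        file "example.com";
};
EOF
}

sample_conf | master_to_slave
```

On a split Debian layout the output belongs in named.conf.local on the slave, as post #2 notes.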
 
Old 01-23-2008, 05:23 PM   #4
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
scp doesn't require a password every time at all. You need to set it up without a password, but it is entirely possible to have a program from one machine ssh to another with no human interaction.

Follow the steps detailed here - http://backuppc.sourceforge.net/faq/..._setup_openssh
The first time you try to make the connection, it will ask (yes/no) if you accept the key of the other host, then after that first time, it can happen automatically without any human interaction.

MAJOR WARNING!!!!!!!!
To do that for a named.conf file, you'll have to come in as root. That means anyone who hacks the system holding the key has unlimited access to the second system as well. You are MUCH safer if you transfer the file as a non-root user, then modify it and only use root to put it in place.

Peace,
JimBass
 
Old 01-23-2008, 06:55 PM   #5
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
With Bind if it's properly set up, you shouldn't have to update the named.conf file manually when you make changes on the master. What's the point in having a master/slave setup that acts like a replication then.. you might as well just make the changes on both servers. You must be doing something wrong in your setup.
 
Old 01-23-2008, 07:15 PM   #6
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
What trickykid wrote is true, but we're talking about 2 different things. Yes, any changes you make within a zone will be brought across from the master to the slave with no further interaction. You won't have to change named.conf unless you are adding new domains. If you just change an IP or whatever you won't need to modify named.conf, but if you add a new zone, say example2.com, you'll have to modify named.conf.

Peace,
JimBass
 
Old 01-23-2008, 07:22 PM   #7
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Quote:
Originally Posted by JimBass
What trickykid wrote is true, but we're talking about 2 different things. Yes, any changes you make within a zone will be brought across from the master to the slave with no further interaction. You won't have to change named.conf unless you are adding new domains. If you just change an IP or whatever you won't need to modify named.conf, but if you add a new zone, say example2.com, you'll have to modify named.conf.

Peace,
JimBass
Okay, yeah, I was totally thinking of something else. But yeah, if you really update named.conf that often, you're better off just writing a script to copy it over only if it changes, not copy it over every so many minutes, that's just stupid and a waste of bandwidth. Make smart scripts but convenient instead of crappy scripts just to get the job done.
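
A slave-side sketch that combines the warning in post #4 (deliver the file as a non-root user, use root only to put it in place) with the copy-only-if-changed advice in post #7. This is an added example, not code from any poster. `install_if_changed` is a hypothetical name, the `reload` action of the Debian init script and the drop path in the comment are assumptions, and `named-checkconf` is BIND's own syntax checker.

```shell
#!/bin/sh
# Added example, not from the thread. Run as root on the slave (e.g. from cron).
# The master's unprivileged ssh key only delivers a candidate file to the
# regular user's home directory; root never accepts a remote login.
CHECK_CMD="${CHECK_CMD:-named-checkconf}"             # BIND config syntax check
RELOAD_CMD="${RELOAD_CMD:-/etc/init.d/bind9 reload}"  # assumed Debian init action
OWNER="${OWNER:-root:bind}"                           # ownership used in post #2

# install_if_changed SRC DST
# returns 0 = installed and reloaded, 1 = unchanged, 2 = rejected
install_if_changed() {
    src=$1 dst=$2
    # The drop directory is user-writable: accept only a plain file, no symlink.
    { [ -f "$src" ] && [ ! -L "$src" ]; } || return 2
    cmp -s "$src" "$dst" && return 1                  # identical, nothing to do
    # Validate a private copy so the file cannot change between check and install.
    tmp=$(mktemp "$dst.XXXXXX") || return 2
    if ! cp "$src" "$tmp" || ! $CHECK_CMD "$tmp" >/dev/null 2>&1; then
        rm -f "$tmp"
        return 2
    fi
    # Keep a dated backup of the running config, as in post #2.
    [ -f "$dst" ] && cp -p "$dst" "$dst.$(date +%Y%m%d%H%M%S)"
    chown "$OWNER" "$tmp" && chmod 640 "$tmp" || { rm -f "$tmp"; return 2; }
    mv -f "$tmp" "$dst" && $RELOAD_CMD >/dev/null 2>&1
}

# Example cron call (paths follow post #2):
#   this_script /home/your_regular_user/named.conf /etc/bind/named.conf
if [ "$#" -eq 2 ]; then
    install_if_changed "$1" "$2"
fi
```

A candidate that fails the syntax check never replaces the running configuration, so a broken or tampered upload from the unprivileged account leaves BIND serving the previous file.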
 
Old 01-23-2008, 09:33 PM   #8
sowell
LQ Newbie
 
Registered: Jul 2007
Posts: 18

Original Poster
Rep: Reputation: 0
Quote:
Make smart scripts but convenient instead of crappy scripts just to get the job done.
Extremely true! But yes you did misunderstand. The db files do transfer if and only if the zone declaration exists on both the master and the slave's named.conf file. The script that I was looking at online that does it just seems ridiculous:

http://www.zazzybob.com/bin/sync_to_slave.sh.html
 
Old 01-23-2008, 09:42 PM   #9
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
That script doesn't at all appear ridiculous. It is pretty well commented out, so more than half of what is written isn't a "script" but an explanation of what the script is trying to do.

What does appear ridiculous is the idea of adding new zones so often that you need to modify your named.conf so much. Are you a major league ISP or hosting facility? I can't imagine they would need somebody to be asking questions like this at linuxquestions.org. I've been running DNS for a small ISP for years, and I've never had to make more than one or two changes to a named.conf file in a month, let alone several times per hour. What you are looking to do can be done, but I think you are grossly overestimating the amount of zones you are going to be authoritative for.

Peace,
JimBass
 
  


Tags
bind, dns, named

