Old 09-19-2008, 11:29 AM   #1
dholgado
Unable to synchronize BIND 9 Master Slave Servers


BIND9 Master Slave Sync problem on Etch 4 servers
I have set up master and slave DNS servers and am unable to work out why I cannot get them to synchronize. The master ns-a works correctly as a DNS server but the slave ns-b is unable to sync. I have also used Webmin 1.430 in the configuration but am now lost as to how to solve the problem.

The following are the logs from each server following startup:

Sep 19 17:51:09 ns-a named[4624]: starting BIND 9.3.4-P1.1 -c /etc/bind/named.conf
Sep 19 17:51:09 ns-a named[4624]: found 1 CPU, using 1 worker thread
Sep 19 17:51:09 ns-a named[4624]: loading configuration from '/etc/bind/named.conf'
Sep 19 17:51:09 ns-a named[4624]: listening on IPv6 interfaces, port 53
Sep 19 17:51:09 ns-a named[4624]: binding TCP socket: address in use
Sep 19 17:51:09 ns-a named[4624]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 19 17:51:09 ns-a named[4624]: binding TCP socket: address in use
Sep 19 17:51:09 ns-a named[4624]: listening on IPv4 interface eth0, 192.168.1.2#53
Sep 19 17:51:09 ns-a named[4624]: binding TCP socket: address in use
Sep 19 17:51:09 ns-a named[4624]: command channel listening on 192.168.1.2#953
Sep 19 17:51:09 ns-a named[4624]: zone 0.in-addr.arpa/IN: loaded serial 1
Sep 19 17:51:09 ns-a named[4624]: zone 127.in-addr.arpa/IN: loaded serial 1
Sep 19 17:51:09 ns-a named[4624]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2008091905
Sep 19 17:51:09 ns-a named[4624]: zone 255.in-addr.arpa/IN: loaded serial 1
Sep 19 17:51:09 ns-a named[4624]: zone integra.lan/IN: loaded serial 2008091908
Sep 19 17:51:09 ns-a named[4624]: zone localhost/IN: loaded serial 1
Sep 19 17:51:09 ns-a named[4624]: running
Sep 19 17:51:09 ns-a named[4624]: zone integra.lan/IN: sending notifies (serial 2008091908)
Sep 19 17:51:09 ns-a named[4624]: zone 1.168.192.in-addr.arpa/IN: sending notifies (serial 2008091905)
Sep 19 17:51:09 ns-a named[1960]: client 192.168.1.3#4651: request has invalid signature: TSIG integrakey: tsig verify failure (BADKEY)
Sep 19 17:51:10 ns-a named[1960]: client 192.168.1.3#2755: request has invalid signature: TSIG integrakey: tsig verify failure (BADKEY)


Sep 19 17:57:09 ns-b named[4206]: starting BIND 9.3.4-P1.1 -c /etc/bind/named.conf
Sep 19 17:57:09 ns-b named[4206]: found 1 CPU, using 1 worker thread
Sep 19 17:57:09 ns-b named[4206]: loading configuration from '/etc/bind/named.conf'
Sep 19 17:57:09 ns-b named[4206]: listening on IPv6 interfaces, port 53
Sep 19 17:57:09 ns-b named[4206]: binding TCP socket: address in use
Sep 19 17:57:09 ns-b named[4206]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 19 17:57:09 ns-b named[4206]: binding TCP socket: address in use
Sep 19 17:57:09 ns-b named[4206]: listening on IPv4 interface eth0, 192.168.1.3#53
Sep 19 17:57:09 ns-b named[4206]: binding TCP socket: address in use
Sep 19 17:57:09 ns-b named[4206]: command channel listening on 192.168.1.3#953
Sep 19 17:57:09 ns-b named[4206]: zone 0.in-addr.arpa/IN: loaded serial 1
Sep 19 17:57:09 ns-b named[4206]: zone 127.in-addr.arpa/IN: loaded serial 1
Sep 19 17:57:09 ns-b named[4206]: zone 1.168.192.in-addr.arpa/IN: has 0 SOA records
Sep 19 17:57:09 ns-b named[4206]: zone 1.168.192.in-addr.arpa/IN: has no NS records
Sep 19 17:57:09 ns-b named[4206]: zone 255.in-addr.arpa/IN: loaded serial 1
Sep 19 17:57:09 ns-b named[4206]: zone integra.lan/IN: has 0 SOA records
Sep 19 17:57:09 ns-b named[4206]: zone integra.lan/IN: has no NS records
Sep 19 17:57:09 ns-b named[4206]: zone localhost/IN: loaded serial 1
Sep 19 17:57:09 ns-b named[4206]: running
Sep 19 17:57:09 ns-b named[4206]: zone integra.lan/IN: Transfer started.
Sep 19 17:57:09 ns-b named[4206]: transfer of 'integra.lan/IN' from 192.168.1.2#53: connected using 192.168.1.3#4216
Sep 19 17:57:09 ns-b named[4206]: transfer of 'integra.lan/IN' from 192.168.1.2#53: failed while receiving responses: NOTAUTH
Sep 19 17:57:09 ns-b named[4206]: transfer of 'integra.lan/IN' from 192.168.1.2#53: end of transfer
Sep 19 17:57:10 ns-b named[4206]: zone 1.168.192.in-addr.arpa/IN: Transfer started.
Sep 19 17:57:10 ns-b named[4206]: transfer of '1.168.192.in-addr.arpa/IN' from 192.168.1.2#53: connected using 192.168.1.3#4351
Sep 19 17:57:10 ns-b named[4206]: transfer of '1.168.192.in-addr.arpa/IN' from 192.168.1.2#53: failed while receiving responses: NOTAUTH
Sep 19 17:57:10 ns-b named[4206]: transfer of '1.168.192.in-addr.arpa/IN' from 192.168.1.2#53: end of transfer

The following is the named.conf for ns-a


// This is the primary configuration file for the BIND DNS server named.

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/integra.key";

controls {
    inet 192.168.1.2 port 953 allow { 192.168.1.3; 127.0.0.1; } keys { integrakey; };
};

server 192.168.1.3 {
    keys {
        integrakey;
    };
};

and named.conf from ns-b

// This is the primary configuration file for the BIND DNS server named.

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/integra.key";

controls {
    inet 192.168.1.3 port 953 allow { 192.168.1.2; 127.0.0.1; } keys { integrakey; };
};

server 192.168.1.2 {
    keys {
        integrakey;
    };
};

The key file integra.key is the same on both master and slave:

key integrakey {
    algorithm hmac-md5;
    secret "lMPtoMy5ve4gvMr3wfFGSg==";
};

The ns-a named.conf.local is

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "integra.lan" {
    type master;
    file "/etc/bind/zones/master/integra.lan.hosts";
    allow-transfer { key integrakey; };
    notify yes;
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/master/192.168.1.rev";
    allow-transfer { key integrakey; };
    notify yes;
};

The ns-b named.conf.local is

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "integra.lan" {
    type slave;
    masters {
        192.168.1.2;
    };
    allow-notify {
        192.168.1.2;
    };
    file "/etc/bind/zones/slave/integra.lan.hosts";
};
zone "1.168.192.in-addr.arpa" {
    type slave;
    masters {
        192.168.1.2;
    };
    allow-notify {
        192.168.1.2;
    };
    file "/etc/bind/zones/slave/192.168.1.rev";
};


The ns-a named.conf.options is

options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you might need to uncomment the query-source
    // directive below. Previous versions of BIND always asked
    // questions using port 53, but BIND 8.1 and later use an unprivileged
    // port by default.

    // query-source address * port 53;

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    // forwarders {
    //     0.0.0.0;
    // };

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    dnssec-enable yes;
    forwarders {
        212.0.97.81;
        212.0.97.82;
    };
};

The ns-b named.conf.options is


options {
    directory "/var/cache/bind";

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    dnssec-enable yes;
};

I would appreciate any help that anyone may be able to offer or suggest.
Thank you very much in advance
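
A log check for a pattern visible in the ns-a log above, added here as an example and not part of the original post: the TSIG BADKEY rejections are logged by named[1960], while the instance that just started is named[4624] and reports "address in use" on its TCP sockets. The function name `analyze` and the finding fields are assumptions of this example; the sample lines are excerpted from the post's own log.

```python
import re
from collections import defaultdict

# Excerpt of the ns-a syslog lines quoted in the post above.
SAMPLE_LOG = """\
Sep 19 17:51:09 ns-a named[4624]: starting BIND 9.3.4-P1.1 -c /etc/bind/named.conf
Sep 19 17:51:09 ns-a named[4624]: listening on IPv4 interface eth0, 192.168.1.2#53
Sep 19 17:51:09 ns-a named[4624]: binding TCP socket: address in use
Sep 19 17:51:09 ns-a named[4624]: running
Sep 19 17:51:09 ns-a named[4624]: zone integra.lan/IN: sending notifies (serial 2008091908)
Sep 19 17:51:09 ns-a named[1960]: client 192.168.1.3#4651: request has invalid signature: TSIG integrakey: tsig verify failure (BADKEY)
Sep 19 17:51:10 ns-a named[1960]: client 192.168.1.3#2755: request has invalid signature: TSIG integrakey: tsig verify failure (BADKEY)
"""

LINE_RE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) named\[(?P<pid>\d+)\]: (?P<msg>.*)$")
TSIG_RE = re.compile(r"client (?P<ip>[\d.]+)#\d+: request has invalid signature: "
                     r"TSIG (?P<key>\S+): tsig verify failure \((?P<err>\w+)\)")

def analyze(log_text):
    """Flag TSIG failures logged by a named PID that never logged a startup."""
    started = defaultdict(set)      # host -> PIDs that logged a startup banner
    bind_failed = defaultdict(set)  # host -> PIDs that could not bind TCP
    tsig_fail = []                  # (host, pid, client ip, key name, error)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        host, pid, msg = m["host"], int(m["pid"]), m["msg"]
        if msg.startswith("starting BIND"):
            started[host].add(pid)
        elif "binding TCP socket: address in use" in msg:
            bind_failed[host].add(pid)
        else:
            t = TSIG_RE.match(msg)
            if t:
                tsig_fail.append((host, pid, t["ip"], t["key"], t["err"]))
    findings = []
    for host, pid, ip, key, err in tsig_fail:
        # A rejection from a PID with no startup banner in this window means
        # a different named instance than the restarted one handled the request.
        if pid not in started[host]:
            findings.append({"host": host, "answering_pid": pid, "client": ip,
                             "key": key, "error": err, "restarted_pids_without_tcp":
                             sorted(started[host] & bind_failed[host])})
    return findings

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

A finding here says only that two `named` PIDs appear in the same log window; which process actually holds port 53 still has to be confirmed on the host.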
 
Old 09-19-2008, 12:10 PM   #2
unSpawn
Moderator
 
Please post your thread once and in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread should be closed because it is a duplicate.
 
  

