The primary server is sitting in a different location and with a different subnet. The slave server is on another location with a different subnet.
This all worked well before replicating to each other but not until this week.
For some reason the slave server won't update its records any more coming from the primary, which is causing some entries to be unable to resolve in the location where the slave server is housed.
I have restarted the service on both servers but still would not replicate.
I made sure that permissions were also correct comparing both servers side by side.
The output must be a list of every record in the primary server. The list must have the "SOA" record, the "NS" record for both primary and secondary, and optionally several "A" and "CNAME" records for the hosts in your name server.
PS: Check if the NS record has the right address, especially for the secondary server.
Last edited by marozsas; 07-14-2009 at 03:40 PM.
Reason: add an important check about the IP address of NS
I have done the above command and compared the details side by side on both. Seems to have SOA & NS records and has most of them inputted with the exception of one record.
This particular record seems to not replicate for some reason. This is a server called csaaqa22.csaa.com 10.10.1.23 A record but this is not showing in the slv dns server.
I saw this in the log:
client 10.10.1.134#53: updating zone 'csaa.com/IN': update failed: not authoritative for update zone (NOTAUTH)
Also it looks like it is loading an old version of the file into the slv dns server instead of the new version I just edited (20090715):
Jul 15 10:59:19 dnssrv01.csaa.com named[19050]: zone csaa.com/IN: loaded version 20090710
Do you think this might be the issue?
Last edited by deibertine; 07-15-2009 at 12:43 PM.
Reason: added notes
Quote:
Originally Posted by deibertine
I saw this in the log:
client 10.10.1.134#53: updating zone 'csaa.com/IN': update failed: not authoritative for update zone (NOTAUTH)
Looks like you put in your DNS server an entry that does not belong to your domain/network. You can't mix different networks in a single zone/domain. Does this make sense in this particular case?
Quote:
Originally Posted by deibertine
Also it looks like it is loading an old version of the file into the slv dns server instead of the new version I just edited (20090715):
Jul 15 10:59:19 dnssrv01.csaa.com named[19050]: zone csaa.com/IN: loaded version 20090710
Do you think this might be the issue?
Are you sure that in the slave (to be politically correct it is secondary) you put the IP of the primary server after the 'at' symbol?
And what is the output when you ask the same of the secondary server, on the secondary server?
Regarding the serial number, they must be the same when both servers are synchronized. In fact, the serial number is used to decide if a full synchronization is needed in the first place. Don't force/change it by hand on the secondary!
Also, you can test/use another tool to help you debug your setup.
It is "rndc". This program "talks" directly to the name server and it can be used to force a synchronization. Look at how a typical successful synchronization process looks from the secondary (serverb):
What happens if I rename the slv records in the secondary DNS server into ***.com.old on all of them?
Will it reload new files from the primary if it didn't find files in there?
We need to be sure that there is a "network path" between the two servers, regarding DNS.
This is why the command "dig @primary-ip-address your.domain AXFR" issued on the secondary is so important. Make sure to use the right IP address of the primary server and check the serial.
With the serial you got from the primary server, check it against the serial that is on the secondary (either using a similar command - dig @secondary-ip-address your.domain AXFR - or by inspecting the file.db in /var/named...)
It is important to repeat the test, this time on the primary, to check the connectivity in both directions.
Without the test I can't say much more....
And answering your question, yes, it SHOULD take effect right away (at least in a few seconds), unless there is some problem, which probably is the case.
Quote:
What happens if I rename the slv records in the secondary DNS server into ***.com.old on all of them?
Will it reload new files from the primary if it didn't find files in there?
You mean deleting/renaming "/var/named/slaves/your-domain.db" ? I guess yes, it might work.
Just make sure "/etc/named.conf" has an entry like this:
Code:
zone "your-domain." IN {
    type slave;
    file "slaves/your-domain.db";
    masters { ip-of-master; };
};
Last edited by marozsas; 07-16-2009 at 07:51 AM.
Reason: missing closing bracket
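The serial check described in this thread, as an added example (not code posted by anyone in the thread): it extracts the SOA serial from `dig ... AXFR` output and from a named "loaded version" log line, then compares the two with RFC 1982 serial arithmetic, which is how SOA serials wrap around. The zone `example.test`, the 192.0.2.1 address and the function names are constructed for illustration; the serials 20090715 and 20090710 and the log line are the ones reported in the thread.

```shell
#!/bin/sh
# Added example. Sample data is constructed unless noted otherwise.

# Print the serial of the first SOA record in dig answer text read on stdin.
# dig prints: name ttl class SOA mname rname serial refresh retry expire minimum
soa_serial() {
    awk '$1 !~ /^;/ && $3 == "IN" && $4 == "SOA" { print $7; exit }'
}

# Print the serial from the last named "loaded version" log line on stdin.
loaded_serial() {
    sed -n 's/.*zone [^ ]*: loaded version \([0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Compare primary ($1) and secondary ($2) serials as 32-bit serial numbers
# (RFC 1982), so a wrapped-around serial is still ordered correctly.
sync_state() {
    d=$(( ($1 - $2) & 4294967295 ))
    if [ "$d" -eq 0 ]; then
        echo in-sync
    elif [ "$d" -lt 2147483648 ]; then
        echo secondary-behind
    else
        echo secondary-ahead
    fi
}

# Constructed stand-in for: dig @primary-ip-address your.domain AXFR
PRIMARY_AXFR='; <<>> DiG <<>> @192.0.2.1 example.test AXFR
example.test. 86400 IN SOA ns1.example.test. hostmaster.example.test. 20090715 10800 3600 604800 86400
example.test. 86400 IN NS ns1.example.test.
example.test. 86400 IN NS ns2.example.test.
example.test. 86400 IN SOA ns1.example.test. hostmaster.example.test. 20090715 10800 3600 604800 86400'

# Log line as quoted in the thread (secondary side).
SECONDARY_LOG='Jul 15 10:59:19 dnssrv01.csaa.com named[19050]: zone csaa.com/IN: loaded version 20090710'

p=$(printf '%s\n' "$PRIMARY_AXFR" | soa_serial)
s=$(printf '%s\n' "$SECONDARY_LOG" | loaded_serial)
echo "primary=$p secondary=$s state=$(sync_state "$p" "$s")"
```

Against live servers, pipe the output of the `dig @primary-ip-address your.domain AXFR` command from the thread into `soa_serial` instead of the embedded sample.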