I've added a secondary BIND nameserver for High Availability.
I did the basic zone adding via YaST in SuSE 11.2, and initially when testing with the secondary server it was showing as "UnKnown". I then added the reverse lookup zone as a slave but that still wasn't working - on investigation I realised that there was no PTR record for the secondary nameserver - so I added one:
ns1:/var/lib/named/slave # cat 192.168.1.rev
$ORIGIN .
$TTL 1W
1.168.192.in-addr.arpa IN SOA ns1.acme.com. root.ns1.acme.com. (
        44
        2D
        4H
        6W
        1W )
Internal and external lookups work ok - however I notice that there is no NS record for NS2 (but there is PTR as you can see and there is also an A record) - do I need to add "NS ns2.acme.com.1.168.192.in-addr.arpa." to the reverse lookup zone on the master?
As a test I changed the SOA and NS records to be ns2 instead of ns2... and then after restarting named I get presented with the server name instead of "UnKnown".
Should I ever be manually updating zone files on the slave, or should these always be done on the master?
And as an aside...
When I do nslookup from Windows on the Master server, I get:
But on the Slave it's just "ns2.acme.com" (although since reverting back to a snapshot I now get the suffix too) Any particular reason why this is the case? Does it matter?
Quote:
But on the Slave it's just "ns2.acme.com" (although since reverting back to a snapshot I now get the suffix too) Any particular reason why this is the case? Does it matter?
It doesn't matter, but there is no reason to name your DNS servers like ns1.acme.com.1.168.192.in-addr.arpa. Just ns1.acme.com is enough.
Hi Bathory - Many thanks for your help, I think that has fixed it!
I reverted to a snapshot I took before I added the slave role to the server and before adding it again I made the necessary changes to the master zone forward and reverse zone files.
The master reverse zone file now looks like this:
ns1:/var/lib/named/master # cat 1.168.192.rev
$TTL 1W
@ IN SOA ns1.acme.com. root.ns1.acme.com. (
        44
        2D
        4H
        6W
        1W )
        IN NS ns1.acme.com.
        IN NS ns2.acme.com.
98.1.168.192.in-addr.arpa. IN PTR ns1.acme.com.
12.1.168.192.in-addr.arpa. IN PTR ns2.acme.com.
And the slave automatically came through as this:
ns2:/var/lib/named/slave # cat 1.168.192.in-addr.arpa
$ORIGIN .
$TTL 1W
1.168.192.in-addr.arpa IN SOA ns1.acme.com. root.ns1.acme.com. (
        44
        2D
        4H
        6W
        1W )
I notice that the pointer records in the master show as "12.1.168.192.in-addr.arpa." whereas they are simply "12" in the sec - I think I made this change manually on the master as it wasn't working with just "12" in testing...I presume this isn't really a problem?
Also, how come the Master has "IN NS" for example, while the slave just has "NS"?
Finally...adding those trailing dots seems to have solved the issue of the name of the server shown when you type nslookup - it now just shows as "ns1.acme.com" and "ns2.acme.com" - so thanks for that.
Sorry for all the questions - this is fairly new stuff to me, but it's been an enjoyable learning experience.
What I want to do next is secure the transfers between the master and the slave...so back to the books.
Many thanks again.
Edit: I forgot one thing... when querying external sites I get "non-authoritative answer" - I can't remember if I got this before or not. Is this simply because it's coming from a server outside of its own domain?
Quote:
I notice that the pointer records in the master show as "12.1.168.192.in-addr.arpa." whereas they are simply "12" in the sec - I think I made this change manually on the master as it wasn't working with just "12" in testing...I presume this isn't really a problem?
It's the same thing. If you use just plain 12 (without a trailing dot), then the ORIGIN value is attached to it, so it becomes 12.1.168.192.in-addr.arpa..
That was in fact your problem. Without the trailing dots in your NS records, the hostnames were actually ns1.acme.com.acme.com and ns2.acme.com.acme.com (ORIGIN was attached).
Quote:
Also How come the Master has "IN NS" for example, while the slave just has "NS"
IN is the default class in a resource record, so it can be omitted.
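The origin-appending rule described in the reply above, as an added example that is not part of the original thread: a small Python check that qualifies zone-file names against the origin and flags NS/PTR targets written with dots but no trailing dot. The zone lines are constructed for illustration, and the parser is an assumption-level sketch that only handles single-line records with an explicit owner name.

```python
# Added example; the zone lines are constructed, modelled on the thread's zone.
ORIGIN = "1.168.192.in-addr.arpa."

ZONE = """\
@    IN NS   ns1.acme.com.
@    IN NS   ns2.acme.com
98   IN PTR  ns1.acme.com.
12.1.168.192.in-addr.arpa. PTR ns2.acme.com   ; class omitted, defaults to IN
"""

NAME_RDATA = {"NS", "PTR", "CNAME"}  # types whose RDATA is one domain name


def qualify(name, origin):
    """Expand a zone-file name: relative names get the origin appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name                      # absolute, used exactly as written
    return name + "." + origin.lstrip(".")   # root origin "." adds only the dot


def parse(zone, origin):
    """Return (owner, type, target, warn) for single-line records with an owner.

    warn is True when the target was written with dots but no trailing dot,
    which usually means a full hostname that will get the origin appended.
    """
    records = []
    for line in zone.splitlines():
        fields = line.split(";")[0].split()      # drop comments, tokenise
        if len(fields) < 3:
            continue
        owner = fields[0]
        rest = [f for f in fields[1:] if f.upper() != "IN"]  # class is optional
        rtype, raw = rest[0].upper(), rest[1]
        if rtype not in NAME_RDATA:
            continue
        warn = "." in raw and not raw.endswith(".")
        records.append((qualify(owner, origin), rtype, qualify(raw, origin), warn))
    return records


if __name__ == "__main__":
    for owner, rtype, target, warn in parse(ZONE, ORIGIN):
        note = "   <-- missing trailing dot?" if warn else ""
        print(f"{owner:28} {rtype:4} {target}{note}")
```
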
Looking at /etc/named.conf on the slave - it's not the same at all. Only the sections relevant to the zone files are there. The ACL I defined and also permissions for Zone Transfer, allow query etc are "any".
Do I just need to manually copy named.conf from the master to the slave to resolve this?