transfer named.conf file from master to slave nameserver
Well, I've held out a long time on my first post but here it is. Is there an easy or somewhat easy way to transfer the etc/named.conf file from the master to the slave nameserver so that it won't error out when trying to send the db files themselves from the master to the slave? I've seen one bash script that does it but it looks OVERLY complicated for such an easy task. Any insight is extremely appreciated.
It is extremely easy. You should be able to use scp, which is similar to the copy command, but run over ssh. Use scp to transfer the named.conf file from the master to your home directory on the slave. Then go in as your regular user, edit the file (remove all the master statements and replace them with slave), then become root, stop named, back up the old named.conf, bring in the new named.conf, change the ownership on it, start BIND and you're done.
A script could do it nicely, but if you're only talking about a few zones, it probably would take longer to do the script than just editing by hand.
Examples -
Server 1, the master, has IP address 2.3.4.5. Server 2, the slave, has IP 2.3.4.6.
It will ask you for a password if your system does password authentication over ssh. Most don't (shouldn't).
Then ssh onto the slave
Code:
ssh 2.3.4.6
Edit named.conf in your home directory, changing all the master statements to slave, and provide the address of the master -
vim (or any editor you like) named.conf
What looks like:
Code:
zone "example.com" in {
    type master;
    file "example.com";
};
Should become:
Code:
zone "example.com" in {
    type slave;
    file "example.com";
    masters { 2.3.4.5; };
};
Then stop BIND, copy the old named.conf to be safe, replace it with the new one, and restart. These commands are geared to Debian, but may well work on other distros as well. Put your distro in your profile, so we can give more specific instructions.
If you have things like rndc keys in the named.conf, then you'll just want to leave those as they are, and simply copy in the changed parts of the file. The rndc key from the master won't work on the slave, so don't screw that up. Also, Debian and a few other distros ship bind with 3 config files. Whereas named.conf used to include everything, they now split it into named.conf, named.conf.local, and named.conf.options. If you have a situation like that, all the zone changes should go in named.conf.local.
I'm looking for a solution that requires no interaction from me whatsoever. This is something I want to cron and have run probably every 10 minutes or so. I have a couple of regexes written to change the masters/file lines in the config file:
My guess at this point would be that I would need to write a bash script that will do this for me, as there is no way to do it through bind/dns options/controls etc. AFAIR, scp will require me to enter a username and password every time the file is transferred so that would definitely be something I would need to add in. I obviously don't want to keep that information sitting in the script in plain text so I'm going to have to figure out a way around that.
I appreciate the detailed/quick response, thanks JimBass.
scp doesn't require a password every time at all. You need to set it up without a password, but it is entirely possible to have a program from one machine ssh to another with no human interaction.
Follow the steps detailed here - http://backuppc.sourceforge.net/faq/..._setup_openssh
The first time you try to make the connection, it will ask (yes/no) if you accept the key of the other host, then after that first time, it can happen automatically without any human interaction.
MAJOR WARNING!!!!!!!!
To do that for a named.conf file, you'll have to come in as root. That means anyone who hacks the system holding the key has unlimited access to the second system as well. You are MUCH safer if you transfer the file as a non-root user, then modify it and only use root to put it in place.
With Bind if it's properly set up, you shouldn't have to update the named.conf file manually when you make changes on the master. What's the point in having a master/slave setup that acts like a replication then? You might as well just make the changes on both servers. You must be doing something wrong in your setup.
What trickykid wrote is true, but we're talking about 2 different things. Yes, any changes you make within a zone will be brought across from the master to the slave with no further interaction. You won't have to change named.conf unless you are adding new domains. If you just change an IP or whatever you won't need to modify named.conf, but if you add a new zone, say example2.com, you'll have to modify named.conf.
Peace,
JimBass
Okay, yeah, I was totally thinking of something else. But yeah, if you really update named.conf that often, you're better off just writing a script to copy it over only if it changes, not copy it over every so many minutes, that's just stupid and a waste of bandwidth. Make smart scripts but convenient instead of crappy scripts just to get the job done.
Make smart scripts but convenient instead of crappy scripts just to get the job done.
Extremely true! But yes you did misunderstand. The db files do transfer if and only if the zone declaration exists on both the master and the slave's named.conf file. The script that I was looking at online that does it just seems ridiculous:
That script doesn't at all appear ridiculous. It is pretty well commented out, so more than half of what is written isn't a "script" but an explanation of what the script is trying to do.
What does appear ridiculous is the idea of adding new zones so often that you need to modify your named.conf so much. Are you a major league ISP or hosting facility? I can't imagine they would need somebody to be asking questions like this at linuxquestions.org. I've been running DNS for a small ISP for years, and I've never had to make more than one or two changes to a named.conf file in a month, let alone several times per hour. What you are looking to do can be done, but I think you are grossly overestimating the amount of zones you are going to be authoritative for.
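The workflow the thread converges on (pull the file as a non-root user over key-based ssh, rewrite master zones as slave zones, install only when the file changed), as an added example that is not part of any post. The `dnssync` user, the staging path and the Debian-style paths are assumptions, and zone statements are assumed to be one per line as in the example.com declaration earlier in the thread.

```bash
#!/usr/bin/env bash
# Added example, not from the thread. User name, paths and staging layout are assumptions.
MASTER_IP="2.3.4.5"                          # master address used in the thread
MASTER_CONF="/etc/bind/named.conf.local"     # assumed Debian-style zone file on the master
STAGED="/var/tmp/dnssync/named.conf.local"   # hypothetical staging path on the slave
LIVE="/etc/bind/named.conf.local"
CHECKCONF="${CHECKCONF:-named-checkconf}"    # BIND's config syntax checker

# Rewrite every "type master;" line as a slave declaration with a masters list.
# stdin: zone declarations from the master; stdout: the slave version.
master_to_slave() {
    awk -v ip="$1" '
        /^[ \t]*type[ \t]+master[ \t]*;/ {
            indent = $0; sub(/type.*$/, "", indent)   # keep the original indentation
            print indent "type slave;"
            print indent "masters { " ip "; };"
            next
        }
        { print }'
}

# Unprivileged step: pull over key-based ssh (BatchMode never prompts), then convert.
fetch_and_stage() {
    local tmp; tmp="$(mktemp)" || return 1
    scp -q -o BatchMode=yes "dnssync@${MASTER_IP}:${MASTER_CONF}" "$tmp" &&
        master_to_slave "$MASTER_IP" < "$tmp" > "$STAGED"
    local rc=$?; rm -f "$tmp"; return "$rc"
}

# Root step: returns 0 if installed, 1 if unchanged, 2 if validation failed.
install_if_changed() {
    local candidate="$1" live="$2"
    cmp -s "$candidate" "$live" && return 1       # identical: nothing to do
    "$CHECKCONF" "$candidate" || return 2         # never install a broken config
    [ -f "$live" ] && cp -p "$live" "$live.bak"   # keep the previous version
    install -m 0644 "$candidate" "$live"
}

case "${1:-}" in
    fetch)   fetch_and_stage ;;                   # cron job of the non-root user
    install) install_if_changed "$STAGED" "$LIVE" && rndc reconfig ;;   # root cron job
esac
```

Splitting the job into a `fetch` run by the unprivileged user and an `install` run by root keeps the ssh key away from root, and `rndc reconfig` is only reached when the staged file differs from the live one and passes validation.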