FAQ
Im using centos 4.5 and bind 9.2.4-27.0.1.el4, im having a problem
propagating updates on domains. when i update the main NS the secondary and
tertiary doesn't update automatically. i need to delete the <domain>.zone
file in the secondary and tertiary to get update from the main NS. I don't
where's the problem i don't get any errors i just dont get the AXFR when the
don't delete the file from the backup NS.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.centos.org/pipermail/centos/attachments/20070811/d0eba938/attachment.htm

Search Discussions

  • Johnny Hughes at Aug 11, 2007 at 9:06 am

    Mark Quitoriano wrote:
    Im using centos 4.5 and bind 9.2.4-27.0.1.el4, im having a problem
    propagating updates on domains. when i update the main NS the secondary
    and tertiary doesn't update automatically. i need to delete the
    <domain>.zone file in the secondary and tertiary to get update from the
    main NS. I don't where's the problem i don't get any errors i just dont
    get the AXFR when the don't delete the file from the backup NS.
    I know this is a silly question ... BUT ... are you increasing the
    serial number when you change the primary zone file?

    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: signature.asc
    Type: application/pgp-signature
    Size: 252 bytes
    Desc: OpenPGP digital signature
    Url : http://lists.centos.org/pipermail/centos/attachments/20070811/a7bad4d0/signature.bin
  • Mark Quitoriano at Aug 14, 2007 at 4:51 pm
    increasing the serial number? i didn't know that silly me i guess :) so if
    my serial number is 20070101 when i update the file it should be 20070102?

    thanks!
    On 8/11/07, Johnny Hughes wrote:

    Mark Quitoriano wrote:
    Im using centos 4.5 and bind 9.2.4-27.0.1.el4, im having a problem
    propagating updates on domains. when i update the main NS the secondary
    and tertiary doesn't update automatically. i need to delete the
    <domain>.zone file in the secondary and tertiary to get update from the
    main NS. I don't where's the problem i don't get any errors i just dont
    get the AXFR when the don't delete the file from the backup NS.
    I know this is a silly question ... BUT ... are you increasing the
    serial number when you change the primary zone file?

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://lists.centos.org/pipermail/centos/attachments/20070814/639c17d7/attachment.htm
  • Stephen Harris at Aug 14, 2007 at 5:11 pm

    On Tue, Aug 14, 2007 at 12:51:18PM -0400, Mark Quitoriano wrote:
    increasing the serial number? i didn't know that silly me i guess :) so if
    my serial number is 20070101 when i update the file it should be 20070102?
    Technically the new serial number merely needs to be larger than the
    previous, but best practices say that the serial number should really
    be something like
    YYYYMMDD##
    (where ## is a count of how many changes made that day).

    So if you changed the data today it would be
    2007081401
    If you made a second change,
    2007081402
    etc

    --

    rgds
    Stephen
  • Robert - elists at Aug 11, 2007 at 4:22 pm
    Im using centos 4.5 and bind 9.2.4-27.0.1.el4, im having a problem
    propagating updates on domains. when i update the main NS the secondary and
    tertiary doesn't update automatically. i need to delete the <domain>.zone
    file in the secondary and tertiary to get update from the main NS. I don't
    where's the problem i don't get any errors i just dont get the AXFR when the
    don't delete the file from the backup NS.





    As previously noted, you have to increase the serial number of the zone,
    plus in the secondary, in the conf file, you have to make sure that the
    ownership and permissions are correct.



    Ip source of the update matters too



    Overall, Dns is easy to debug in the log files.



    :-)



    - rh

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://lists.centos.org/pipermail/centos/attachments/20070811/4910a0e3/attachment.htm
  • James Gray at Aug 12, 2007 at 10:10 pm

    Robert - elists wrote:
    mark quitoriano wrote:
    Im using centos 4.5 and bind 9.2.4-27.0.1.el4, im having a problem
    propagating updates on domains. when i update the main NS the secondary
    and tertiary doesn't update automatically. i need to delete the
    <domain>.zone file in the secondary and tertiary to get update from the
    main NS. I don't where's the problem i don't get any errors i just dont
    get the AXFR when the don't delete the file from the backup NS.
    As others have said, you MUST increment the zone's serial.
    Addtitionally, on the master you may want to add "notify yes;" to the
    zone stubs. This will make sure bind sends out a message (notification)
    to the slaves when a zone is changed.
    As previously noted, you have to increase the serial number of the zone,
    plus in the secondary, in the conf file, you have to make sure that the
    ownership and permissions are correct.
    Permissions - good point. Modifying slave serials??? Er, no. Don't do
    that. I'm pretty sure you weren't suggesting the OP do that....but
    that's how it reads[1] :)
    Ip source of the update matters too
    Usually only a problem when you have a firewall that's matching the
    source IP of TCP/53 connections (zone transfers always happen over TCP).
    But seeing as the OP can refresh the zones after hosing the slave's
    cache, I doubt this is a network problem.
    Overall, Dns is easy to debug in the log files?
    Here, here :)

    --
    James
    [1] Although this morning the flu meds are doing phunky things to my
    brain :P Wheeeeee!
  • Mark Quitoriano at Aug 14, 2007 at 4:54 pm

    On 8/12/07, James Gray wrote:

    As others have said, you MUST increment the zone's serial.
    Addtitionally, on the master you may want to add "notify yes;" to the
    zone stubs. This will make sure bind sends out a message (notification)
    to the slaves when a zone is changed.

    where do i put the notify yes? on named.conf? or on the .zone file? do you
    have sample config for that? thanks!
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://lists.centos.org/pipermail/centos/attachments/20070814/d4a43008/attachment.htm
  • John R Pierce at Aug 14, 2007 at 5:13 pm

    Mark Quitoriano wrote:

    On 8/12/07, *James Gray* wrote:


    As others have said, you MUST increment the zone's serial.
    Addtitionally, on the master you may want to add "notify yes;" to the
    zone stubs. This will make sure bind sends out a message
    (notification)
    to the slaves when a zone is changed.


    where do i put the notify yes? on named.conf? or on the .zone file? do
    you have sample config for that? thanks!
    the master notifies all servers that have NS records in the zone (except
    itself, of course).
  • Steve Searle at Aug 14, 2007 at 7:16 pm

    Around 05:54pm on Tuesday, August 14, 2007 (UK time), Mark Quitoriano scrawled:

    where do i put the notify yes? on named.conf? or on the .zone file? do you
    have sample config for that? thanks!
    I have some instructions with sample config files here:
    http://www.stevesearle.com/tech/centos5.0.svr.html#bind

    Steve

    --

    A: Because it messes up the order in which people normally read text.
    Q: Why is top-posting a bad thing?

    20:15:20 up 9 days, 8:39, 1 user, load average: 0.19, 0.14, 0.05
    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 189 bytes
    Desc: not available
    Url : http://lists.centos.org/pipermail/centos/attachments/20070814/3013a74a/attachment.bin
  • Ray Leventhal at Aug 15, 2007 at 11:54 am

    Mark Quitoriano wrote:

    On 8/12/07, *James Gray* wrote:


    As others have said, you MUST increment the zone's serial.
    Addtitionally, on the master you may want to add "notify yes;" to the
    zone stubs. This will make sure bind sends out a message
    (notification)
    to the slaves when a zone is changed.


    where do i put the notify yes? on named.conf? or on the .zone file? do
    you have sample config for that? thanks!


    ------------------------------------------------------------------------

    _______________________________________________
    CentOS mailing list
    CentOS@centos.org
    http://lists.centos.org/mailman/listinfo/centos
    Hi all,

    Mark, are you running chrooted BIND? If so, the file locations are
    somewhat different, but the general paradigm is the same.

    NON-Chrooted:
    db.* files are in /var/named
    named.conf is in /etc
    zone.* files are in /etc/bind

    Chrooted:
    db.* files are in /var/named/chroot/var/named/ (if slaves, they're in
    /var/named/chroot/var/named/slaves/)
    named.conf is in /var/named/chroot/etc/
    zone.* files are in /var/named/chroot/etc/bind

    I recently (with *lots* of pointers from this list) got my secondary NS
    up running a chrooted BIND (on CentOS 5). One of the issues I had was
    the path set for the slave zone files.

    In my secondary, I had the full path including the leading
    /var/named/chroot/. That was a big error. The chrooted location is, it
    seems, understood so my path/to_zone_files/ was wrong in my secondary's
    named.conf file.

    Made a *big* difference for me, clearly.

    I do hope this helps.

    ~Ray

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcentos @
categoriescentos
postedAug 11, '07 at 5:17a
activeAug 15, '07 at 11:54a
posts10
users8
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase