Re: Force slave BIND9 server reload immediately


Arturo Díaz Almagro

Feb 4, 2008, 1:25:55 PM
Hello all,
Hope anybody could help me. I have two BIND9 servers where one is the master
and the other is the slave. I realized that when I perform a change in a zone
file in the master and reload/restart the master BIND9 service the slave
does not start the zone transfer immediately. I have a 'high availability'
system where the DNS server has an important role and I need those changes
immediately loaded. I noticed that those changes are loaded but after a long
period of time, so the system replication works. Could anybody tell me how to
force BIND9 to load changes immediately after the notifies are received?

Thanks a lot.

--
Arturo Díaz

Contact me on
FWD: 870436
Skype: arturo.diaz.almagro


Baird, Josh

Feb 4, 2008, 1:28:40 PM
Are you incrementing the serial number of the zone on the master?

Arturo Díaz Almagro

Feb 4, 2008, 1:33:19 PM
Yes, it is the first thing I do in the shell script that runs the DNS
change.

John Wobus

Feb 4, 2008, 2:52:14 PM
BIND can be configured to log notify processing and transfers. With such
logging turned on, you can follow the notify/transfer process until a log
entry indicates where the process is running into trouble.

The fact you cite, that transfers do happen later, is good information: it
eliminates some of the potential causes.

Another elementary test is whether you can do any sort of dig from the master
to the slave. A notify is pretty much like another lookup, so the success of
such a dig can show that intervening routers/firewalls would not be blocking
it.

Naturally, reading the ARM (as well as books such as 'DNS & BIND Cookbook' or
'DNS and BIND') regarding configuration of notifies is to the point.

kirk

Feb 4, 2008, 3:39:11 PM
Arturo Díaz Almagro wrote:
> Hello all,
> Hope anybody could help me. I have two BIND9 servers where one is the master
> and the other is the slave. I realized that when I perform a change in a zone
> file in the master and reload/restart the master BIND9 service the slave
> does not start the zone transfer immediately. I have a 'high availability'
> system where the DNS server has an important role and I need those changes
> immediately loaded. I noticed that those changes are loaded but after a long
> period of time, so the system replication works. Could anybody tell me how to
> force BIND9 to load changes immediately after the notifies are received?
>
> Thanks a lot.
>

I have seen this happen when the name server resource records (NS) in the
zone are invalid. The master will attempt to send notifies to those
invalid NS entries (which never get to the destination, or get to the
incorrect destination) but after the SOA "refresh" interval elapses the zone
gets updated fine.

Make sure that the notifies from the master to slave are reaching their
proper destination.


Arturo Díaz Almagro

Feb 5, 2008, 4:15:30 AM
This is my SOA configuration:

    $ORIGIN .
    $TTL 86400 ; 1 day
    domain.com      IN SOA  services.domain.com. root.localhost. (
                            08020502   ; serial
                            43200      ; refresh (1/2 day)
                            86400      ; retry (1 day)
                            2419200    ; expire (4 weeks)
                            604800     ; minimum (1 week)
                            )
                    IN NS   dns.domain.com.
                    IN NS   dns2.domain.com.
                    A       10.100.0.3
    ;
    primary         A       10.100.0.3
    secondary       A       10.172.0.3
    dns             CNAME   primary
    dns2            CNAME   secondary

The NS records are the right IP addresses for my network. Is that configuration
right?

Thanks



Jonathan Petersson

Feb 5, 2008, 5:51:28 AM
Have you enabled

also-notify { ip-to-slave };

for the zone in named.conf?

Also, I would use A-records rather than CNAMEs when referring to NS records.
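
One way to audit a zone file for the condition raised in this thread, NS targets that are CNAMEs instead of names with their own address records (RFC 2181 section 10.3 disallows aliases as NS targets). This is an added example, not part of any post here; the sample zone is constructed from the one posted above, and the function names are hypothetical.

```python
import re

# Constructed sample modelled on the thread's zone; the second $ORIGIN is assumed.
SAMPLE_ZONE = """\
$ORIGIN .
$TTL 86400 ; 1 day
domain.com IN SOA services.domain.com. root.localhost. (
    08020502 43200 86400 2419200 604800 )
  IN NS dns.domain.com.
  IN NS dns2.domain.com.
$ORIGIN domain.com.
primary A 10.100.0.3
secondary A 10.172.0.3
dns CNAME primary
dns2 CNAME secondary
"""

def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name.endswith("."):
        return name.lower()
    return (name + "." + origin.lstrip(".")).lower()

def parse_records(text):
    """Yield (owner, type, first rdata field); numeric TTLs and class IN only."""
    text = re.sub(r";[^\n]*", "", text)  # strip comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    origin, owner = ".", None
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0].upper() == "$ORIGIN":
            origin = fqdn(fields[1], origin)
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():  # leading blank means "same owner as above"
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)  # skip optional TTL and class
        if len(fields) >= 2 and fields[0].upper() in ("SOA", "NS", "A", "AAAA", "CNAME"):
            rtype = fields[0].upper()
            yield owner, rtype, fields[1] if rtype in ("A", "AAAA") else fqdn(fields[1], origin)

def ns_without_address(text):
    """Map in-zone NS targets lacking their own A/AAAA to their CNAME target (or None)."""
    recs = list(parse_records(text))
    apex = next(o for o, t, _ in recs if t == "SOA")
    has_addr = {o for o, t, _ in recs if t in ("A", "AAAA")}
    cname = {o: d for o, t, d in recs if t == "CNAME"}
    return {d: cname.get(d) for _, t, d in recs
            if t == "NS" and d.endswith("." + apex) and d not in has_addr}
```

An empty result means every in-zone NS name carries its own address record; any name it reports is a server the master may fail to notify unless it is listed in also-notify.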

Arturo Díaz Almagro

Feb 5, 2008, 6:26:31 AM
Great, that did work, but... is that the most elegant way of doing it or just
a workaround?
Thanks a lot


Jonathan Petersson

Feb 5, 2008, 7:41:45 PM
That is the way of doing it, then you can add fancy stuff like Dynamic
Updates but that might be a bit pointless with only two servers.

Arturo Díaz Almagro wrote:
> great, that did work but..... is that the most elegant way of doing or
> just a workaround?
>
> thanks a lot