kaze on Mon, 4 Aug 2003 12:33:14 -0400



RE: [PLUG] BIND troubleshooting / help


--> [mailto:plug-admin@lists.phillylinux.org]On Behalf Of Mental Patient
--> Sent: Monday, August 04, 2003 11:14 AM
<snip>
--> Did you configure the other 2 nameservers as clients of the primary?
--> Something like:
--> zone "domain" {
-->   type slave;
-->   masters { IP_ADDRESS_OF_AUTHORITATIVE_MASTER; };
-->   file "filename_to_write_cached_file_to";
-->   allow-transfer { DIRECTIVES; };
--> };
-->
--> And in your master you'd have something along the lines of
--> zone "domain" {
-->   type master;
-->   file "filename_of_zone";
-->   allow-transfer { DIRECTIVES; };
--> };

On master:

zone  "gh-systems.com" {
	type master;
	file  "gh-systems.com.zone";
};

On slaves:

zone  "gh-systems.com" {
        type slave;
        file  "gh-systems.com.zone";
        masters { 10.10.10.213; };
};

Guess I'm missing the
allow-transfer { DIRECTIVES; };

which on the master would be
allow-transfer {
        ns1.intelli-media.com;
        ns2.intelli-media.com; };

I will, of course, try it, but from the BIND 9 Administrator Reference Manual
by Internet Software Consortium:

allow-transfer
Specifies which hosts are allowed to receive zone transfers from the server.
allow-transfer may also be specified in the zone statement, in which case it
overrides the options allow-transfer statement. If not specified, the default
is to allow transfers to all hosts.

Also, doesn't the fact that a dig zone transfer worked from slave hitting
the master mean that it's allowed?

--> If that crap is set up properly then all you should need to do is edit
--> the zone on the master, change records, increment the serial number and
--> kill -HUP the master only. When it (the master) restarts, it should
--> notify the secondary servers listed in the SOA of the zones it's
--> serving. The secondaries should transfer the zones and write them to
--> their cache. When debugging cache issues, know who you're running as.
--> Often Linux distributions run named as root, so cache permissions aren't
--> much of an issue. If you're chrooting or running as an unprivileged user,
--> be aware of this and make sure the cache files can be manipulated as
--> the user bind runs as.

I think it's all as root; though top shows named's user as named so I might
have to set some permissions on the slave's files?

--> Grab the bind tarball. There's lots of examples in there.
-->
-->
--> --
-->
--> Mental (Mental@NeverLight.com)
-->
--> CARPE NOCTEM, QUAM MINIMUM CREDULA POSTERO.
-->
--> GPG public key: http://www.neverlight.com/pas/Mental.asc
-->
-->

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
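
An added example (not part of the original message and not code from BIND): a small Python audit that applies the precedence in the ARM text quoted above (zone-level allow-transfer overrides the options-level one, and with neither the default is all hosts) to a named.conf and lists the master zones left open. The sample config is constructed: the first zone mirrors the master stanza in the thread, while "example.org", the 192.0.2.x addresses and the function names are assumptions, and the parser assumes no view blocks and at most one level of nested braces.

```python
import re

# Constructed sample: first zone mirrors the thread's master stanza; the
# second zone and its documentation-range addresses are hypothetical.
SAMPLE_CONF = '''
options {
    directory "/var/named";
};
zone "gh-systems.com" {
    type master;
    file "gh-systems.com.zone";
};
zone "example.org" {
    type master;
    file "example.org.zone";
    allow-transfer { 192.0.2.53; 192.0.2.54; };
};
'''

# An options or zone block, tolerating one level of nested { ... } in the body.
BLOCK = re.compile(
    r'\b(options|zone\s+"([^"]+)"(?:\s+\w+)?)\s*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')
ALLOW = re.compile(r'\ballow-transfer\s*\{([^{}]*)\}\s*;')

def transfer_acl(body):
    """Return the allow-transfer elements in a block body, or None if absent."""
    m = ALLOW.search(body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Map each master zone to (effective allow-transfer list, source)."""
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    global_acl, zones = None, {}
    for kind, name, body in BLOCK.findall(conf):
        if kind == 'options':
            global_acl = transfer_acl(body)
        elif re.search(r'\btype\s+(master|primary)\s*;', body):
            zones[name] = transfer_acl(body)
    result = {}
    for name, zone_acl in zones.items():
        if zone_acl is not None:
            result[name] = (zone_acl, 'zone')        # zone statement wins
        elif global_acl is not None:
            result[name] = (global_acl, 'options')   # inherited from options
        else:
            result[name] = (['any'], 'default')      # ARM default: all hosts
    return result

def open_zones(conf):
    """Master zones whose effective ACL lets any host request a transfer."""
    return sorted(z for z, (acl, _) in audit(conf).items() if 'any' in acl)
```

Running open_zones(SAMPLE_CONF) reports only gh-systems.com, which is consistent with the dig transfer from the slave succeeding without any allow-transfer line on the master.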