DNS Master Slave setup

Installing, Configuring, Troubleshooting server daemons such as Web and Mail
bbecken
Posts: 7
Joined: 2006/06/27 15:31:26
Location: Missouri, USA

Re: DNS Master Slave setup

Postby bbecken » 2006/07/03 16:41:15

Master: /etc/named.conf.include is empty
-rw-r--r-- 1 root named 0 Jun 30 16:01 named.conf.include


If I delete the slave server's /var/named/slave/208.35.133.zone and "restart" named, the zone file is NOT re-created.

Master (slave is currently shut down)
/etc/init.d/named restart
Jul 03 11:34:35.237 general: info: shutting down: flushing changes
Jul 03 11:34:35.238 general: notice: stopping command channel on 127.0.0.1#953
Jul 03 11:34:35.238 network: info: no longer listening on ::#53
Jul 03 11:34:35.238 network: info: no longer listening on 127.0.0.1#53
Jul 03 11:34:35.238 network: info: no longer listening on 208.35.133.1#53
Jul 03 11:34:35.275 general: notice: exiting
Jul 03 11:34:36.041 general: info: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Jul 03 11:34:36.045 general: info: zone 133.35.208.in-addr.arpa/IN: loaded serial 2006062601
Jul 03 11:34:36.125 general: info: zone wonca2004.org/IN: loaded serial 2006042501
Jul 03 11:34:36.127 general: info: running

Slave (Master is started)
/etc/init.d/named start
Jul 03 11:34:39.376 notify: info: zone 133.35.208.in-addr.arpa/IN: sending notifies (serial 2006062601)
Jul 03 11:34:39.879 notify: info: received notify for zone '133.35.208.in-addr.arpa'
Jul 03 11:34:41.892 xfer-in: error: transfer of 'wonca2004.org/IN' from 208.35.133.1#53: failed while receiving responses: REFUSED
Jul 03 11:34:41.892 xfer-in: info: transfer of 'wonca2004.org/IN' from 208.35.133.1#53: end of transfer

Two questions:
1) what about rndc... does the key have to be the same on each server?
2) Are we still looking at a permissions issue?

bbecken
Posts: 7
Joined: 2006/06/27 15:31:26
Location: Missouri, USA

Re: DNS Master Slave setup

Postby bbecken » 2006/07/03 21:33:19

I found the main issue:

I remarked out the following line and restarted the master nameserver.
listen-on-v6 { any; };

Syncs like a charm. :-D

Also, for anyone setting up a nameserver where DNS is "listening" on a Virtual IP Address:

Notes from the Slave server:
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
version "not currently available";
allow-recursion { /24; };
# Note: Use the IP of the eth0 on the Master DNS server!
# When a Master DNS server sends out Notifications, it uses
# the IP bound to eth0, not a virtual/secondary IP address.
# If DNS does not sync, try adding ALL the IP addresses
# of the Master DNS server.
allow-notify { ; };
#
# When this system queries the Master, use the Virtual IP on this
# system because the Master DNS server is looking for requests FROM
# this IP address in its "allow-transfer" option (if specified).
transfer-source ;
};
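The REFUSED transfer in the first post and the allow-notify / transfer-source notes in the second both come down to which source address the master sees from the slave. As an added example, not part of either post, here is a small Python audit over named log lines like the ones quoted; the sample lines are constructed from those in the thread plus one "Transfer completed" line so the success case is covered.

```python
import re

# Constructed sample: the named log lines quoted in this thread, plus one
# "Transfer completed" line so the success case is covered too.
SAMPLE_LOG = """\
Jul 03 11:34:36.045 general: info: zone 133.35.208.in-addr.arpa/IN: loaded serial 2006062601
Jul 03 11:34:36.125 general: info: zone wonca2004.org/IN: loaded serial 2006042501
Jul 03 11:34:39.376 notify: info: zone 133.35.208.in-addr.arpa/IN: sending notifies (serial 2006062601)
Jul 03 11:34:41.892 xfer-in: error: transfer of 'wonca2004.org/IN' from 208.35.133.1#53: failed while receiving responses: REFUSED
Jul 03 11:34:41.892 xfer-in: info: transfer of 'wonca2004.org/IN' from 208.35.133.1#53: end of transfer
Jul 03 11:35:02.110 xfer-in: info: transfer of '133.35.208.in-addr.arpa/IN' from 208.35.133.1#53: Transfer completed: 1 messages, 3 records, 120 bytes, 0.001 secs (serial 2006062601)
"""

XFER_FAIL = re.compile(r"xfer-in: error: transfer of '([^/']+)/IN' from (\S+): (.*)$")
XFER_DONE = re.compile(r"xfer-in: info: transfer of '([^/']+)/IN' from \S+: Transfer completed:.*\(serial (\d+)\)")

def audit_transfers(log_text):
    """Per zone: every failure reason seen, the serial of the last completed
    inbound transfer, and whether the most recent attempt succeeded."""
    report = {}
    for line in log_text.splitlines():
        if m := XFER_FAIL.search(line):
            zone, master, reason = m.groups()
            entry = report.setdefault(zone, {"serial": None, "failures": [], "ok": False})
            entry["failures"].append(f"{master}: {reason}")
            entry["ok"] = False
        elif m := XFER_DONE.search(line):
            zone, serial = m.groups()
            entry = report.setdefault(zone, {"serial": None, "failures": [], "ok": False})
            entry["serial"] = int(serial)
            entry["ok"] = True
    return report

def zones_needing_attention(log_text):
    """Zones whose latest transfer attempt failed. For a REFUSED answer the usual
    cause is that the master's allow-transfer did not match the address the slave
    sent from, which is the transfer-source / virtual-IP point made above."""
    return sorted(z for z, r in audit_transfers(log_text).items() if not r["ok"])

if __name__ == "__main__":
    for zone, entry in audit_transfers(SAMPLE_LOG).items():
        print(zone, entry)
    print("needs attention:", zones_needing_attention(SAMPLE_LOG))
```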

rj3k
Posts: 15
Joined: 2011/04/20 21:38:21

Re: DNS Master Slave setup

Postby rj3k » 2011/05/12 19:42:51

Hi
I know this thread is solved, but I have almost the same problem: DNS2 is not taking over the email. What I'm encountering right now is that when our DNS1 went down we could not receive any emails using DNS2, but the internet is working fine. Our mail server is hosted by Google.

DNS2:

//
// named.conf for Red Hat caching-nameserver
//

acl "master" { 192.168.0.1; };
acl "slave" { 192.168.0.2; };

options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// OPTIONS="-4" is a /etc/sysconfig/named setting (IPv4 only), not named.conf syntax;
// inside options {} it is a parse error and named-checkconf rejects the file.

/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/

// query-source address * port 53;
allow-transfer {192.168.0.1/32;};
};

//
// a caching only nameserver config
//

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "example.com" IN {
type slave;
file "/var/named/example.com";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
// required for a slave zone: without a masters statement the zone is rejected
// and this server has nothing to serve for example.com when DNS1 is down
masters { 192.168.0.1; };
};

zone "0.168.192.in-addr.arpa" IN {
type slave;
file "/var/named/0.168.192.in-addr.arpa";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
masters { 192.168.0.1; };
};

include "/etc/rndc.key";

END of DNS2 CONFIG.



DNS1:/etc/named.conf

options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

End of Config.


DNS1:/etc/named.rfc1912.zones

// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.in-addr.arpa";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "example.com" IN {
type master;
file "example.zone";
allow-update { none; };
};


DNS2 (this config is the same as DNS1): example.zone file

$TTL 86400
@ IN SOA dns1.example.com. hostmaster.example.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day

IN NS dns1.example.com.
IN NS dns2.example.com. ; trailing dot required: without it BIND appends the origin (dns2.example.com.example.com.)
300 IN MX 10 aspmx2.googlemail.com.
300 IN MX 10 aspmx3.googlemail.com.
300 IN MX 5 alt2.aspmx.l.google.com.
300 IN MX 5 alt1.aspmx.l.google.com.
300 IN MX 1 aspmx.l.google.com.
@ IN A 65.34.121.50 ; "@" is the zone apex; a bare "example.com" owner would become example.com.example.com.
dns1 IN A 192.168.0.1
dns2 IN A 192.168.0.2
www IN CNAME example.com. ; trailing dot required here as well
localhost IN A 127.0.0.1




Please help me to find what's wrong on the config. Internet works fine but not the email.
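An added checker, not from this thread, for two pitfalls a master/slave setup like the one above is prone to: dotted names without a trailing dot in a zone file (BIND silently appends the origin), and a type slave zone with no masters statement, which leaves the secondary with nothing to serve for that zone when the primary is down. Both samples are constructed for this example.

```python
import re

# Constructed zone sample, modelled on the example.zone posted above, with
# three unqualified names of the kind that trip people up.
ZONE_TEXT = """\
$TTL 86400
@ IN SOA dns1.example.com. hostmaster.example.com. 2001062501 21600 3600 604800 86400
 IN NS dns1.example.com.
 IN NS dns2.example.com
300 IN MX 1 aspmx.l.google.com.
example.com IN A 65.34.121.50
www IN CNAME example.com
"""

# Constructed named.conf fragment modelled on the DNS2 slave zones above.
NAMED_CONF = """\
zone "example.com" IN {
type slave;
file "/var/named/example.com";
allow-transfer { 192.168.0.1/32; };
};
zone "0.168.192.in-addr.arpa" IN {
type slave;
file "/var/named/0.168.192.in-addr.arpa";
masters { 192.168.0.1; };
};
"""

RR = re.compile(r"^(\S*)\s*(?:\d+\s+)?IN\s+(NS|CNAME|MX|A|PTR)\s+(?:\d+\s+)?(\S+)$")

def unqualified_names(zone_text):
    """Heuristic: a dotted name with no trailing dot is almost always a mistake,
    because BIND appends $ORIGIN ('dns2.example.com' -> 'dns2.example.com.example.com.')."""
    hits = []
    for raw in zone_text.splitlines():
        if m := RR.match(raw.split(";")[0].strip()):   # drop comments, then parse
            owner, rtype, target = m.groups()
            if "." in owner and not owner.endswith("."):
                hits.append(("owner", owner))
            if rtype in ("NS", "CNAME", "MX", "PTR") and "." in target and not target.endswith("."):
                hits.append((rtype, target))
    return hits

def slave_zones_without_masters(conf_text):
    """A 'type slave' zone needs a masters statement (newer BIND also accepts
    primaries); without one the zone is rejected and the secondary cannot serve it."""
    zones = re.findall(r'zone\s+"([^"]+)"[^{]*\{(.*?)\n\};', conf_text, re.S)
    return [name for name, body in zones
            if re.search(r"\btype\s+slave\s*;", body)
            and not re.search(r"\b(?:masters|primaries)\s*\{", body)]
```

On a live system the authoritative checks are named-checkconf for named.conf and named-checkzone for the zone file; this script only catches the two patterns above.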