Secondary DNS configuration issue.....

Joseph Gleason clash at tasam.com
Wed May 28 07:56:49 PDT 2003


Answers below

----- Original Message ----- 
From: "shrikant" <shrikant at corp.123india.com>
To: <questions at freebsd.org>
Sent: 28 May, 2003 05:39
Subject: Secondary DNS configuration issue.....


> Sir,
>
> I am setting up a secondary DNS.
>
> All I want to know is what shall be the config in the named.conf for the
> secondary DNS to get the zone files from the primary.
>
> What I experienced is: when I configured the secondary DNS, started the
> named daemon on the secondary, and in the primary I gave the  in named.conf
> of primary
>
>
> options {
>         directory "/etc/namedb";
>         allow-transfer { 216.xxx.xxx.xxx;};
>
>
>
> so that the transfer happens between the primary and secondary.
>
> Question 1) Do we have to manually transfer the zone files for the first
> time?

Nope.  As long as the permissions are right, named will do it on its own.

Here is some text from the named.conf on one of my backup NSs:

zone "tasam.com" {
        type slave;
        file "zones/tasam.com.zone";
        masters {
                216.22.46.160;
        };
};

Just have to make sure whatever user named is running as (usually bind) has
write access to 'zones'.  ('zones' being a subdir of the directory defined
near the top of the named.conf)

>
>
> Question 2) If the zone files are not in sync between the Primary and
> Secondary DNS, what must be the possible cause?

If your secondary has old and out of date zone files, it means that one
of the following is probably true:
 - named has not been running on the secondary
 - someone forgot to update the serial number on the primary
   (named only knows to download a zone again when the serial number changes)
 - the secondary is not allowed to zone transfer from the primary
 - the secondary has the wrong address for the primary
 - the user named is running as on the secondary does not have access
   to write the zones
If the secondary has a newer zone file than the primary, it means someone has
been modifying the zone files on the secondary (which they of course should
not do)

>
> Will be happy if I get an answer for this.
>
> Shrikant
> 123india.com

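The serial-number comparison mentioned in the reply above, as an added example that is not part of the original messages: it classifies primary/secondary drift from the two SOA serials, generalised to the wrap-around arithmetic of RFC 1982. The SOA lines, the example.com names and the function names are constructed for illustration; the input format assumed is that of `dig +short SOA`.

```python
# Added example: classify primary/secondary drift from SOA serials.
# Sample SOA lines are constructed, in `dig +short SOA` field order:
#   mname rname serial refresh retry expire minimum
MOD = 2 ** 32    # serials are unsigned 32-bit values
HALF = 2 ** 31   # RFC 1982 comparison window

PRIMARY = "ns1.example.com. hostmaster.example.com. 2003052801 3600 900 604800 86400"
SECONDARY = "ns1.example.com. hostmaster.example.com. 2003052701 3600 900 604800 86400"

def soa_serial(soa_line: str) -> int:
    """Return the serial (third field) of a 7-field SOA line."""
    fields = soa_line.split()
    if len(fields) != 7:
        raise ValueError(f"not a 7-field SOA record: {soa_line!r}")
    serial = int(fields[2])
    if not 0 <= serial < MOD:
        raise ValueError(f"serial outside 32-bit range: {serial}")
    return serial

def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than b under RFC 1982 (wrap-around aware)."""
    return a != b and ((a - b) % MOD) < HALF

def diagnose(primary_soa: str, secondary_soa: str) -> str:
    p, s = soa_serial(primary_soa), soa_serial(secondary_soa)
    if p == s:
        # If the zone data still differs, the serial was not bumped on the primary.
        return "same-serial"
    if serial_gt(p, s):
        # A transfer is due. If it never happens, check that named is running,
        # allow-transfer on the primary, masters on the secondary, and write
        # access to the zone directory.
        return "secondary-stale"
    if serial_gt(s, p):
        # The secondary will not pull: the primary's serial went backwards
        # or the zone file was edited on the secondary.
        return "secondary-ahead"
    return "undefined"  # serials exactly 2**31 apart: RFC 1982 leaves this undefined

if __name__ == "__main__":
    print(diagnose(PRIMARY, SECONDARY))
```
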

