Automated zone file transfer from primary nameserver to secondary

I have nothing but admiration for guys who know DNS well....  500 points.  Wish I could give more.....

Our old dedicated server automatically does all our DNS work for us... for <> 150 sites now... a blessing indeed!  All we do is add a site, it automatically creates the primary and secondary DNS zones and sets them up on external nameservers... we don't even know how (proprietary scripts I am guessing!)!  No matter!

Anyway, now we have a new server with another company and have to do our own DNS. I have successfully installed a primary nameserver, and managed to get it to transfer DNS data for a couple of zones to a free secondary nameserver.  Bind9.  It works well, transfers the changes, looks good.  Now we are ready to set up a secondary nameserver of our own.

My question is, "How can we set this up so that it can automatically transfer NEW ZONE FILES to our secondary nameserver?"  In other words, when we create a site, it creates our primary DNS zone files and restarts bind.  The primary name server answers queries, no problem.  Is the only way to set up transfers to the secondary server to manually create a new slave zone file on the secondary server and add allow-transfer to the primary zone file?

Or is there some option in BIND I am not seeing or not understanding (masters?) that can transfer not only updated zone info, but set up any new zone files on the secondary?



There is no option in BIND to do it without some extra work, because there is no standard query that would work like "give me all ZONES that you host".

So, you have to MAKE one!;))

What you can do is

1. create a fake zone, say "" on the master DNS, and list all zones in it as TXT or PTR records.
2. create this zone on the slave and establish transfer
3. create a cron job on the slave that would check this meta-zone for new records, add new zones to BIND config and do an rndc reload.

In reality, once we reached about 100 domains we built a database for all DNS information and now both nameservers are building zones based on this database. When you are at 150 domains managing all this info just in zone files is probably quite a pain.
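The slave-side check from step 3, as an added example (not code from the original answer): it reads a transferred meta-zone, finds zones not yet in the slave config, and builds the stanzas a cron job would append before reloading BIND. The meta-zone name, the PTR layout, the master address 192.0.2.1 and the `slaves/` path are assumptions; names are validated because they end up inside named.conf and a file path.

```python
import ipaddress
import re

# Constructed sample of the meta-zone as transferred to the slave (names are assumptions).
META_ZONE = """\
$ORIGIN zones.meta.example.
@   3600 IN SOA ns1.example.net. hostmaster.example.net. 2024010101 3600 600 604800 3600
@   3600 IN NS  ns1.example.net.
z1  3600 IN PTR example.com.
z2  3600 IN PTR shop.example.org.
z3  3600 IN PTR new-site.example.
z4  3600 IN PTR broken"name;.example.
"""
# Constructed sample of the zones the slave already serves.
SLAVE_CONF = 'zone "example.com" { type slave; masters { 192.0.2.1; }; file "slaves/example.com.db"; };\n'

LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
VALID_ZONE = re.compile(rf"(?:{LABEL}\.)+{LABEL}")   # at least two labels, no quotes, slashes or ".."
PTR_LINE = re.compile(r"^\S+\s+(?:\d+\s+)?IN\s+PTR\s+(\S+)\s*$", re.I)

def zones_in_meta(text):
    """Return (valid, rejected) zone names listed as PTR targets in the meta-zone."""
    valid, rejected = [], []
    for line in text.splitlines():
        m = PTR_LINE.match(line)
        if not m:
            continue                      # SOA, NS, $ORIGIN and blank lines
        name = m.group(1).rstrip(".").lower()
        (valid if VALID_ZONE.fullmatch(name) else rejected).append(name)
    return valid, rejected

def configured_zones(conf):
    """Zone names already declared in the slave's BIND config text."""
    return {z.lower() for z in re.findall(r'zone\s+"([^"]+)"', conf)}

def new_stanzas(meta_text, conf_text, master_ip):
    """Build slave zone stanzas for zones in the meta-zone but not yet configured."""
    ipaddress.ip_address(master_ip)       # raises ValueError on a malformed address
    valid, rejected = zones_in_meta(meta_text)
    have = configured_zones(conf_text)
    stanzas = [
        f'zone "{z}" {{ type slave; masters {{ {master_ip}; }}; file "slaves/{z}.db"; }};'
        for z in valid if z not in have
    ]
    return stanzas, rejected

if __name__ == "__main__":
    stanzas, rejected = new_stanzas(META_ZONE, SLAVE_CONF, "192.0.2.1")
    print("\n".join(stanzas))             # cron job appends these, then reloads BIND
    print("rejected:", rejected)          # log these instead of writing them to config
```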

rbartz (Author) commented:
As I said, having our host do all that with scripts that interface with their nameservers is a blessing!  Having to mess with a few zones manually is enough for me, although I am happy to learn this stuff and love to make it work.

Ok, I can see some potential here... but what I am interested in now is how you implemented your database.

We use ispConfig on this new server, and the domain and zone data is already stored in an MySql database!  Along with that, the almost 150 domains hosted on our old server will be moved by the end of this year to another new server using ispConfig as well, meaning no problem for them to use a common database and for one to create the primary zone files and the other to create the secondary files etc, which is what I am assuming you are doing in essence.

Can you describe your system to me without compromising your IP...?   :-)

I can.

In a nutshell, the only difference is we use PostgreSQL as database, and we initially did it because we had a multihomed network with 2 T1-s coming in - so we implemented DNS-based failover. Plus, this DB stored the private addresses of the servers as well and it was used to build firewall NAT tables and local DNS zones.

Both DNS servers use the same set of PHP shell scripts that connect to the DB and build the zone files.

You don't have to have one DNS running as master and another one as slave - they both can use the same scripts to build zones from the DB, and that's even better because the second one becomes independent of the failures of the first one. As long as the information is the same, you can't really tell from the outside whether the zone is a slave or master in a particular DNS server.

rbartz (Author) commented:
Ok, I have the idea anyway, and it seems fairly easy to do actually.  The database already lists everything that is in the zone files, and the existing PHP programming that the control panel uses already builds the master zone files ( is that easy or what? ).

You actually answered both my questions in the first mail, I appreciate the extra insight.
