?
Solved

ns3 and ns4 not updating

Posted on 2008-10-12
12
Medium Priority
?
459 Views
Last Modified: 2009-03-17
We have had a master/slave bind dns setup running on debian for quite some time. Today, I went to add in ns3 and ns4.  I have the correct slave zone config on ns3 and ns4 - such as:

zone "example.com" { type slave; file "example.com"; masters { 209.213.xxx.xxx; }; };

The first first time I start bind on the slave, it pulls the updates correctly and all is well.  However, when I update a zone on the master - and then run: ndc reload example.com, only ns2 updates.  The ns3 and ns4 never reply to the master notify request.

Allow transfer is set correctly for the ip's of ns3 and ns4 - does anyone have any ideas why this is not working?
0
Comment
Question by:axman505
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
12 Comments
 
LVL 13

Expert Comment

by:dhoffman_98
ID: 22700088
You wrote that you have "allow transfer" set, but what about your notify settings?

Try:

zone "example.com" { type slave; notify yes; file "example.com"; masters { 209.213.xxx.xxx; }; };


You'll need to be sure you have a configuration in place that shows you should send notify messages to the new name servers.

Depending on the level of logging you have enabled, you may see log entries indicating that a notify message was sent to the remote servers. If you enable more detailed logging to the point where you can see those entries, and you are not seeing the notifies go out, then it's a configuration problem on your main name server. If the messages are going out, but the slaves are not requesting zone transfers, then it could be an issue on the other end.

0
 
LVL 1

Author Comment

by:axman505
ID: 22700107
wouldn't notify have to go in the master zone file?  From what I read in the documentation, it's only valid for the master zones.

The weird thing is that the ns2 slave updates correctly with settings as is.  For some reason, the two additional slaves fail to update after their initial zone refresh.
0
 
LVL 13

Expert Comment

by:dhoffman_98
ID: 22701922
The notify statement for bind can go into the global configuration, for example if you want to set "notify no" at a global level, and then only turn it on for the zones you wish to use notify with.

But yes, it would go into the master zone, not the slave side. I should have taken out the masters piece of the example. On your master side though, you should have control of who is being notified, and in normal situations, you only would send notifies to the name servers identified in your zone file.

Have you tried enabling the extra debug logging?
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 1

Author Comment

by:axman505
ID: 22708445
I have - and so far it confirms my findings.  It does not appear to talk to ns3 or ns4.  When I do a zone update from the master, the debug logs on ns3/ns4 do not show any method of contact whatsoever.  The debug logs on the master don't show any contact to those slaves either - only to ns2
0
 
LVL 13

Expert Comment

by:dhoffman_98
ID: 22711323
Try configuring an "also-notify" line like the following, but with your IPs for ns3 and ns4.

also-notify {10.0.0.3; 10.0.0.4;};

0
 
LVL 13

Expert Comment

by:dhoffman_98
ID: 23802308
Claiming that the problem was solved on your own after someone provided input multiple times over three days is not a valid reason for closing the case without awarding points. For that matter, the measly 20 points offered are an insult.
0
 
LVL 13

Expert Comment

by:dhoffman_98
ID: 23813465
modus,

I don't know if the three pieces of input that I provided led to the full solution or not. And without getting valid feedback from the asker, it's not possible to know if any of them contributed to an answer.

My last suggestion in ID 22711323 was made seven months ago, and the asker had never replied back to advise if the issue was resolved.

My suggestion... close the answer with no points refunded.
0
 
LVL 1

Accepted Solution

by:
axman505 earned 0 total points
ID: 23813640
The issue was related to the parent domain that the ns servers were in.  The ns3 and ns4 servers were not listed as valid ns servers in that domain - which was causing the problem.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question