ns3 and ns4 not updating

We have had a master/slave bind dns setup running on debian for quite some time. Today, I went to add in ns3 and ns4.  I have the correct slave zone config on ns3 and ns4 - such as:

zone "example.com" { type slave; file "example.com"; masters { 209.213.xxx.xxx; }; };

The first first time I start bind on the slave, it pulls the updates correctly and all is well.  However, when I update a zone on the master - and then run: ndc reload example.com, only ns2 updates.  The ns3 and ns4 never reply to the master notify request.

Allow transfer is set correctly for the ip's of ns3 and ns4 - does anyone have any ideas why this is not working?
Who is Participating?
axman505Connect With a Mentor Author Commented:
The issue was related to the parent domain that the ns servers were in.  The ns3 and ns4 servers were not listed as valid ns servers in that domain - which was causing the problem.
You wrote that you have "allow transfer" set, but what about your notify settings?


zone "example.com" { type slave; notify yes; file "example.com"; masters { 209.213.xxx.xxx; }; };

You'll need to be sure you have a configuration in place that shows you should send notify messages to the new name servers.

Depending on the level of logging you have enabled, you may see log entries indicating that a notify message was sent to the remote servers. If you enable more detailed logging to the point where you can see those entries, and you are not seeing the notifies go out, then it's a configuration problem on your main name server. If the messages are going out, but the slaves are not requesting zone transfers, then it could be an issue on the other end.

axman505Author Commented:
wouldn't notify have to go in the master zone file?  From what I read in the documentation, it's only valid for the master zones.

The weird thing is that the ns2 slave updates correctly with settings as is.  For some reason, the two additional slaves fail to update after their initial zone refresh.
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

The notify statement for bind can go into the global configuration, for example if you want to set "notify no" at a global level, and then only turn it on for the zones you wish to use notify with.

But yes, it would go into the master zone, not the slave side. I should have taken out the masters piece of the example. On your master side though, you should have control of who is being notified, and in normal situations, you only would send notifies to the name servers identified in your zone file.

Have you tried enabling the extra debug logging?
axman505Author Commented:
I have - and so far it confirms my findings.  It does not appear to talk to ns3 or ns4.  When I do a zone update from the master, the debug logs on ns3/ns4 do not show any method of contact whatsoever.  The debug logs on the master don't show any contact to those slaves either - only to ns2
Try configuring an "also-notify" line like the following, but with your IPs for ns3 and ns4.

also-notify {;;};

Claiming that the problem was solved on your own after someone provided input multiple times over three days is not a valid reason for closing the case without awarding points. For that matter, the measly 20 points offered are an insult.

I don't know if the three pieces of input that I provided led to the full solution or not. And without getting valid feedback from the asker, it's not possible to know if any of them contributed to an answer.

My last suggestion in ID 22711323 was made seven months ago, and the asker had never replied back to advise if the issue was resolved.

My suggestion... close the answer with no points refunded.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.