[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

DNS zone data transfer from slave to master

Posted on 2011-03-13
8
Medium Priority
?
859 Views
Last Modified: 2012-05-11
I have configured a test dns server with master and slave for abc.com . For every update in zone file update is working fine from master to slave , But i want slave to have rights to update the zone file so that zone file automatically gets updated.

(Attn : People with "rsync option" kindly abstain from posting soln )

Master (named.conf) :

acl loc { 127.0.0.1; 10.0.0.0/8; };
options {
        listen-on port 53 { 127.0.0.1; 10.1.0.171 ; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { loc;  };
        allow-query-cache { loc; };
};


server 10.1.0.172 {
keys { ddns-update ; };
};

include "/etc/ddns-update.dnskey";


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { loc; };
        match-destinations { loc; };
        recursion yes;
//        include "/etc/named.root.hints";
//        include "/etc/named.rfc1912.zones";

zone "abc.com" IN {
        type master;
        file "abc.com.zone";
        notify yes;
        allow-transfer { loc;};
        allow-update {  key "ddns-update" ; };
};

zone "0.1.10.in-addr-arpa" {
      type master;
      file "0.1.10.zone";
      allow-transfer { loc; };
      allow-update { key "ddns-update" ; };
};





};

Slave (named.conf) :

acl loc { 127.0.0.1; 10.0.0.0/8; };
options {
        listen-on port 53 { 127.0.0.1; 10.1.0.172 ; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { loc; };
        allow-notify { loc; };
};

include "/etc/ddns-update.dnskey";

server 10.1.0.171 {
    keys {  ddns-update;
    };
};


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { loc; };
        match-destinations { loc; };
        recursion yes;
//        include "/etc/named.root.hints";
        include "/etc/named.rfc1912.zones";

zone "abc.com" IN {
        type slave;
        file "abc.com.zone";
        notify yes;
        masters { 10.1.0.171; };
        allow-transfer { loc; };
        allow-update { key "ddns-update"; };
};


zone "0.1.10.in-addr-arpa" {
type slave ;
masters { 10.1.0.171; };
file "10.1.0.zone";
};


};





0
Comment
Question by:oppofwar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35125995
You cannot do this. A slave is just that - a slave. It can download zones but only the master can update them.
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35126001
A DHCP server on the Slave system must send DDNS updates to the master, not the local slave DNS
0
 
LVL 3

Author Comment

by:oppofwar
ID: 35126037
Is there any other way to achieve it . Also there are  2 masters how to sync records between them.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35126762
You are breaking the structure by having 2 masters for the same zone (if that is what you're doing). DNS is supposed to be strictly hierarchical
0
 
LVL 3

Author Comment

by:oppofwar
ID: 35127123
duncan we need 2 master for redundancy , this structure is used in many infrastructure.
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35127305
Yes there are lots of duplicates of the root server - I've noticed that before. I would try Google or Wikipedia to find out how they do it. (I had a quick look at Wikipedia and there is a Root nameserver topic, but I didn't see the coordination mechanism in the few seconds I spent looking. As you say, there must be one)
0
 
LVL 3

Accepted Solution

by:
oppofwar earned 0 total points
ID: 35128581
Duncan finally I got the solution . Please find it below

Server 1: Master for abc.com

Create separate view and make it slave of Server 2 with same zone file

Server 2: Slave for abc.com

Create Separate view and make it master of Server 1 with the same zone file.

< -- below goes my named.conf configuration -->

Server 1 :


acl loc { 127.0.0.1; 10.0.0.0/8; };
options {
      listen-on port 53 { 127.0.0.1; 10.1.0.171 ; };
      directory       "/var/named";
      dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

      // Those options should be used carefully because they disable port
      // randomization
      // query-source    port 53;      
      // query-source-v6 port 53;

      allow-query     { loc;  };
      allow-query-cache { loc; };
};


server 10.1.0.172 {
keys { ddns-update ; };
};

include "/etc/ddns-update.dnskey";


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
      match-clients          { loc; };
      match-destinations { loc; };
      recursion yes;
//        include "/etc/named.root.hints";
//        include "/etc/named.rfc1912.zones";
 
zone "abc.com" IN {
      type master;
      file "abc.com.zone";
        notify yes;
        allow-transfer { loc;};
      allow-update {  key "ddns-update" ; };
};



zone "0.1.10.in-addr-arpa" {
      type master;
      file "0.1.10.zone";
      allow-transfer { loc; };
      allow-update { key "ddns-update" ; };
};





};




view abcd {
      match-clients          { loc; };
      match-destinations { loc; };
      recursion yes;
//        include "/etc/named.root.hints";
//        include "/etc/named.rfc1912.zones";
 


zone "abc.com" IN {
      type slave;
      file "abc.com.zone";
        notify yes;
        masters { 10.1.0.172; };
        allow-transfer { loc; };
        allow-update { key "ddns-update"; };



};
};



Server 2:

acl loc { 127.0.0.1; 10.0.0.0/8; };
options {
      listen-on port 53 { 127.0.0.1; 10.1.0.172 ; };
      directory       "/var/named";
      dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

      allow-query     { loc; };
      allow-notify { loc; };
};

include "/etc/ddns-update.dnskey";

server 10.1.0.171 {
    keys {  ddns-update;
    };
};


logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
      match-clients          { loc; };
      match-destinations { loc; };
      recursion yes;
//        include "/etc/named.root.hints";
        include "/etc/named.rfc1912.zones";
 
zone "abc.com" IN {
      type slave;
      file "abc.com.zone";
        notify yes;
        masters { 10.1.0.171; };
        allow-transfer { loc; };
        allow-update { key "ddns-update"; };
};





zone "0.1.10.in-addr-arpa" {
type slave ;
masters { 10.1.0.171; };
file "10.1.0.zone";
};
};



view abc {
      match-clients          { loc; };
      match-destinations { loc; };
      recursion yes;
//        include "/etc/named.root.hints";
 //       include "/etc/named.rfc1912.zones";
 
zone "abc.com" IN {
      type master;
      file "abc.com.zone";
        notify yes;
        allow-transfer { loc; };
        allow-update { key "ddns-update"; };

};
};





0
 
LVL 3

Author Closing Comment

by:oppofwar
ID: 35170825
Please follow comments
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question