Many thanks to Kevin Oberman, Irene A. Shilikhina, Hans Ranke, Paul
Crittenden, for their fast responses to my question about secondary DNS
server not recognizing new hosts added to the primary DNS.
They all mentioned that I have to make sure that I update the serial
number in the SOA whenever I update a zone.
The easiest way was to delete the hosts.db on the secondary and restart
DNS to force it to get a fresh copy from the primary.
Their answers below :-
=============================================================
Kevin Oberman:
There are several possibilities. It appears that the primary thinks it
is authoritative, so it should transfer the zone.
The refresh time in the SOA is one day. This is kinda long, especially
if you are running V4 (of BIND, not DU). It means that the secondary
will only check for changes in the zone once a day. And you need to
make sure that you bump the serial in the SOA whenever you update a
zone.
I STRONGLY urge you to upgrade to BIND 8.1.2, currently available from
http://www.isc.org/. It includes support for the NOTIFY protocol. If
you run this, the master server will notify all secondaries it knows
about that there has been a change so that they can update
immediately. It also fixes many bugs, memory leaks and at least two
very significant security problems. ISC uses Alphas for development
and it builds cleanly out of the box.
Be sure to copy the existing named and named-xfer somewhere so that
you can restore them in the event of an OS upgrade or patch that
modifies them. I simply append ".DEC" to the file name and then
install the new version. Also, be sure to make a copy of named in both
/usr/sbin and /sbin since the startup routine tries to run it from
/sbin but the install puts the new one into /usr/sbin. DEC distributes
DU with a copy in each. To be completely proper you should build the
one in /sbin statically, but I don't see much reason to bother. BIND
is not really needed when running single user.
==========================================================
Irene A. Shilikhina :
There are two reasons why your DNS server cannot recognize new hosts:
look at database file for the domain. The name of the file you may see
in /etc/namedb/named.boot file (so called in 3.2 but the concept is the
same), and then check the file associated with this domain:
secondary your.domain XXX.XXX.XXX.XXX hosts.db
in this case hosts.db
In database file (hosts.db) there is RR called SOA with five constants,
among them serial and refresh. Serial number has to be changed every
time when any changes are made in the PRIMARY, and refresh is period of
refreshing secondary IF THE SERIAL IS CHANGED (in seconds). In your
case, I guess, either the administrator of primary forgot to increment
serial number or in refresh period you will see changes. You may look
at date of file hosts.db.
If date is up to date, the matter is serial number, because secondary
considers the data base is not modified last period and only touches
the file avoiding the loading. If so, you can either connect the
administrator of the primary or delete this secondary database and then
it will be loaded at once in spite of serial number (of course with
stop and start DNS).
===========================================================
Hans Ranke :
Look into the syslog.
Check if the primary is willing to do a zone transfer to you
(e.g. with dig: dig @primary my.domain.com axfr
or using the ls command of nslookup).
Check if the primary's serial no. is greater than the serial no. cached
by the client.
If the problem is with the primary and you are also the primary's
administrator:
Look into the syslog.
Check if the secondary is in the list of hosts authorized to do
zone transfers (if you use this).
Check your map for typos (the syslog should point you to the erroneous
line).
============================================================
Paul Crittenden:
Are you updating the Serial number at the top of the files after making
changes?
===========================================================
Hisham Al-Saad
University of Bahrain
Received on Tue Aug 25 1998 - 05:36:49 NZST
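
The serial check the replies above describe, as an added example that is not part of the original post: it reads the SOA fields from a primary's zone file and a secondary's copy and reports whether a transfer is due or the serial was never bumped. The zone data is constructed, both inputs are assumed to be in master-file format with numeric SOA fields, and the comparison uses RFC 1982 serial arithmetic, which goes beyond the plain "greater than" check mentioned above.

```python
import re

# Constructed zone file for illustration; names and addresses are placeholders.
ZONE = """\
@ IN SOA ns1.my.domain.com. hostmaster.my.domain.com. (
        {serial} ; serial
        86400    ; refresh (one day)
        3600     ; retry
        604800   ; expire
        86400 )  ; minimum
oldhost IN A 192.0.2.10
{extra}"""

def normalize(zone_text):
    """Drop ';' comments and collapse whitespace so two copies compare cleanly."""
    return " ".join(re.sub(r";[^\n]*", "", zone_text).split())

def parse_soa(zone_text):
    """Return the five numeric SOA fields as a dict of ints."""
    m = re.search(r"\bSOA\s+\S+\s+\S+\s*\(?\s*((?:\d+\s+){4}\d+)",
                  normalize(zone_text))
    if not m:
        raise ValueError("no SOA record with numeric fields found")
    names = ("serial", "refresh", "retry", "expire", "minimum")
    return dict(zip(names, map(int, m.group(1).split())))

def serial_newer(primary, secondary):
    """RFC 1982 comparison on 32-bit serials: True if primary is ahead."""
    return 0 < (primary - secondary) % 2**32 < 2**31

def diagnose(primary_zone, secondary_zone):
    """Classify why a secondary does or does not pick up the primary's data."""
    p, s = parse_soa(primary_zone), parse_soa(secondary_zone)
    if serial_newer(p["serial"], s["serial"]):
        return "transfer-pending", p["refresh"]  # worst-case wait in seconds
    if normalize(primary_zone) != normalize(secondary_zone):
        return "serial-not-bumped", None         # refresh alone never fixes this
    return "in-sync", None

if __name__ == "__main__":
    old = ZONE.format(serial=1998082401, extra="")
    forgot = ZONE.format(serial=1998082401, extra="newhost IN A 192.0.2.11\n")
    bumped = ZONE.format(serial=1998082501, extra="newhost IN A 192.0.2.11\n")
    for label, primary in (("forgot", forgot), ("bumped", bumped), ("same", old)):
        print(label, diagnose(primary, old))
```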