Hi Robert, yes it does work. But the DLZ bind will not notify any slaves, when the repository changes. This can be painful, especially for longer TTL values. Regards, - lars. Am 07.09.2015 um 20:16 schrieb Robert Moskowitz:> > > On 09/07/2015 12:52 PM, Robert Moskowitz wrote: >> I am looking at: https://wiki.samba.org/index.php/DNS_administration >> >> I am using bind 9.9 on all my DNS servers. >> >> To set up secondarying my Samba DNS zones to my other Bind servers. I >> come across the following: >> >> https://bugzilla.samba.org/show_bug.cgi?id=9634 >> >> Is it possible to transfer the DLZ zones now as dates on this bug are >> 2 years old? > > So I tried it anyway: > > In my main DNS server: > > zone "home.htt" { > type slave; > file "slaves/bak.home.htt"; > masters {192.168.192.2; }; > }; > > I reload and there I see: > > Sep 07 14:00:05 valeria.htt-consult.com systemd[1]: Reloaded Berkeley > Internet Name Domain (DNS). > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: dns_master_load: > file format mismatch > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone > home.htt/IN/internal: loading from master file slaves/bak.home.htt > failed: not implemented > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: all zones loaded > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: running > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone > home.htt/IN/internal: Transfer started. > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of > 'home.htt/IN/internal' from 192.168.192.2#53: connected using > 192.168.192.5#51888 > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone > home.htt/IN/internal: transferred serial 3 > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone > home.htt/IN/internal: transfer: could not set file modification time of > 'slaves/bak.home.htt': permission denied > Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of > 'home.htt/IN/internal' from 192.168.192.2#53: Transfer completed: 1 > messages, 23 records, 1000 bytes, 0.020 secs (50000 bytes/sec) > > And over on homebase: > > Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 > (home.htt): transfer of 'home.htt/IN': AXFR started > Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 > (home.htt): transfer of 'home.htt/IN': AXFR ended > > But no file /var/named/slaves/bak.home.htt > > And yet on my DNS server, I can resolve homebase.home.htt: > > # dig homebase.home.htt > > ; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7 <<>> homebase.home.htt > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55142 > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ;; QUESTION SECTION: > ;homebase.home.htt. IN A > > ;; ANSWER SECTION: > homebase.home.htt. 900 IN A 192.168.192.2 > > ;; AUTHORITY SECTION: > home.htt. 900 IN NS homebase.home.htt. > > ;; Query time: 3 msec > ;; SERVER: 192.168.192.5#53(192.168.192.5) > ;; WHEN: Mon Sep 07 14:15:46 EDT 2015 > ;; MSG SIZE rcvd: 76 > > >
Robert Moskowitz
2015-Sep-07  20:26 UTC
[Samba] Maybe working - Re: BIND DLZ zone transfers
Is there some option on the slave to set the frequency of the AXFR? Say every hour? On 09/07/2015 03:45 PM, Lars Hanke wrote:> Hi Robert, > > yes it does work. But the DLZ bind will not notify any slaves, when > the repository changes. This can be painful, especially for longer TTL > values. > > Regards, > - lars. > > Am 07.09.2015 um 20:16 schrieb Robert Moskowitz: >> >> >> On 09/07/2015 12:52 PM, Robert Moskowitz wrote: >>> I am looking at: https://wiki.samba.org/index.php/DNS_administration >>> >>> I am using bind 9.9 on all my DNS servers. >>> >>> To set up secondarying my Samba DNS zones to my other Bind servers. I >>> come across the following: >>> >>> https://bugzilla.samba.org/show_bug.cgi?id=9634 >>> >>> Is it possible to transfer the DLZ zones now as dates on this bug are >>> 2 years old? >> >> So I tried it anyway: >> >> In my main DNS server: >> >> zone "home.htt" { >> type slave; >> file "slaves/bak.home.htt"; >> masters {192.168.192.2; }; >> }; >> >> I reload and there I see: >> >> Sep 07 14:00:05 valeria.htt-consult.com systemd[1]: Reloaded Berkeley >> Internet Name Domain (DNS). >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: dns_master_load: >> file format mismatch >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >> home.htt/IN/internal: loading from master file slaves/bak.home.htt >> failed: not implemented >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: all zones loaded >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: running >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >> home.htt/IN/internal: Transfer started. >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of >> 'home.htt/IN/internal' from 192.168.192.2#53: connected using >> 192.168.192.5#51888 >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >> home.htt/IN/internal: transferred serial 3 >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >> home.htt/IN/internal: transfer: could not set file modification time of >> 'slaves/bak.home.htt': permission denied >> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of >> 'home.htt/IN/internal' from 192.168.192.2#53: Transfer completed: 1 >> messages, 23 records, 1000 bytes, 0.020 secs (50000 bytes/sec) >> >> And over on homebase: >> >> Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 >> (home.htt): transfer of 'home.htt/IN': AXFR started >> Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 >> (home.htt): transfer of 'home.htt/IN': AXFR ended >> >> But no file /var/named/slaves/bak.home.htt >> >> And yet on my DNS server, I can resolve homebase.home.htt: >> >> # dig homebase.home.htt >> >> ; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7 <<>> homebase.home.htt >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55142 >> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 >> >> ;; OPT PSEUDOSECTION: >> ; EDNS: version: 0, flags:; udp: 4096 >> ;; QUESTION SECTION: >> ;homebase.home.htt. IN A >> >> ;; ANSWER SECTION: >> homebase.home.htt. 900 IN A 192.168.192.2 >> >> ;; AUTHORITY SECTION: >> home.htt. 900 IN NS homebase.home.htt. >> >> ;; Query time: 3 msec >> ;; SERVER: 192.168.192.5#53(192.168.192.5) >> ;; WHEN: Mon Sep 07 14:15:46 EDT 2015 >> ;; MSG SIZE rcvd: 76 >> >> >> > >
On 07/09/15 21:26, Robert Moskowitz wrote:> Is there some option on the slave to set the frequency of the AXFR? > Say every hour? > > On 09/07/2015 03:45 PM, Lars Hanke wrote: >> Hi Robert, >> >> yes it does work. But the DLZ bind will not notify any slaves, when >> the repository changes. This can be painful, especially for longer >> TTL values. >> >> Regards, >> - lars. >> >> Am 07.09.2015 um 20:16 schrieb Robert Moskowitz: >>> >>> >>> On 09/07/2015 12:52 PM, Robert Moskowitz wrote: >>>> I am looking at: https://wiki.samba.org/index.php/DNS_administration >>>> >>>> I am using bind 9.9 on all my DNS servers. >>>> >>>> To set up secondarying my Samba DNS zones to my other Bind servers. I >>>> come across the following: >>>> >>>> https://bugzilla.samba.org/show_bug.cgi?id=9634 >>>> >>>> Is it possible to transfer the DLZ zones now as dates on this bug are >>>> 2 years old? >>> >>> So I tried it anyway: >>> >>> In my main DNS server: >>> >>> zone "home.htt" { >>> type slave; >>> file "slaves/bak.home.htt"; >>> masters {192.168.192.2; }; >>> }; >>> >>> I reload and there I see: >>> >>> Sep 07 14:00:05 valeria.htt-consult.com systemd[1]: Reloaded Berkeley >>> Internet Name Domain (DNS). >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: dns_master_load: >>> file format mismatch >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >>> home.htt/IN/internal: loading from master file slaves/bak.home.htt >>> failed: not implemented >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: all zones loaded >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: running >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >>> home.htt/IN/internal: Transfer started. >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of >>> 'home.htt/IN/internal' from 192.168.192.2#53: connected using >>> 192.168.192.5#51888 >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >>> home.htt/IN/internal: transferred serial 3 >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: zone >>> home.htt/IN/internal: transfer: could not set file modification time of >>> 'slaves/bak.home.htt': permission denied >>> Sep 07 14:00:05 valeria.htt-consult.com named[2195]: transfer of >>> 'home.htt/IN/internal' from 192.168.192.2#53: Transfer completed: 1 >>> messages, 23 records, 1000 bytes, 0.020 secs (50000 bytes/sec) >>> >>> And over on homebase: >>> >>> Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 >>> (home.htt): transfer of 'home.htt/IN': AXFR started >>> Sep 7 14:00:05 homebase named[1133]: client 192.168.192.5#51888 >>> (home.htt): transfer of 'home.htt/IN': AXFR ended >>> >>> But no file /var/named/slaves/bak.home.htt >>> >>> And yet on my DNS server, I can resolve homebase.home.htt: >>> >>> # dig homebase.home.htt >>> >>> ; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7 <<>> homebase.home.htt >>> ;; global options: +cmd >>> ;; Got answer: >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55142 >>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 >>> >>> ;; OPT PSEUDOSECTION: >>> ; EDNS: version: 0, flags:; udp: 4096 >>> ;; QUESTION SECTION: >>> ;homebase.home.htt. IN A >>> >>> ;; ANSWER SECTION: >>> homebase.home.htt. 900 IN A 192.168.192.2 >>> >>> ;; AUTHORITY SECTION: >>> home.htt. 900 IN NS homebase.home.htt. >>> >>> ;; Query time: 3 msec >>> ;; SERVER: 192.168.192.5#53(192.168.192.5) >>> ;; WHEN: Mon Sep 07 14:15:46 EDT 2015 >>> ;; MSG SIZE rcvd: 76 >>> >>> >>> >> >> > >You might want to have a look here: http://bind-dlz.sourceforge.net/best_practices.html Rowland