#4222 BIND Cluster creates slave with wrong masters

1.620
open
Jamie Cameron
5
2014-02-18
2013-04-17
Pieter De Wit
No

Hi,

I have a DNS server with 3 slaves. I have the three slaves registered as a DNS cluster, using Webmin. When I add a master zone, the slaves create the zones, but the master details in the zones are incorrect: they contain the master and all the other slaves.

zone "zonename" {
    type slave;
    masters {
        123.100.83.170;
        54.253.122.61;
        123.100.83.171;
    };
    file "/var/lib/bind/zonename.hosts";
};

Thanks,

Pieter

Discussion

  • Jamie Cameron
    2013-04-17

    How is that incorrect though? Slaves should be able to transfer from the master, or each other..

     
  • Pieter De Wit
    2013-04-18

    Hey,

    The slaves are then missing the "allow transfer from" settings :)

    I don't agree with slave-slave transfers (not limited to this project). In my project I need to do a hidden master setup so I need all DNS servers to pull the zones from one server. I think slave-slave transfers can cause problems down the line (B pulls an update from A, B checks C, but C hasn't got the update yet, so B pulls the old zone back etc - ignoring serial numbers etc)

    Would it be possible to have a check box to "enable slave to slave transfers" ?

    Cheers,

    Pieter

     
  • Jamie Cameron
    2013-04-18

    You can control if slaves get other slaves' IPs, by going to the Module Config page (linked from the first page of the BIND module), and in the "Cluster slave servers" section changing "Add other slave IP addresses to list of masters on slaves?" to "No".

     
  • kwc
    2014-02-15

    I have my virtual hosts on systems separately from the name servers that are set up for public internet access. The virtual hosts are all set up with master zones and transfer to the public name servers which have slave zones. I want to have all of the slave IP addresses set up as masters in each slave. As suggested here I used the settings in the Module Config on the virtual hosts (where master zones are) and all the name servers (where slave zones are) and set "Add other slave IP addresses to list of masters on slaves?" to Yes.

    When I add the first name server to the virtual host server through the Cluster Slave Servers interface it is added and set up with just the virtual host IP as a master server. When I add the second name server to the virtual host server through the Cluster Slave Servers interface it is added and set up with both the virtual host IP and the first name server as master servers. When I add the third it is set up with virtual host and the first two slaves. I tried once more and then the fourth slave got all previous, which is what I want all slaves to have.

    I then tried removing the first slave server and adding it back hoping it would get all four master servers - but no such luck.

    I also tried updating the true master zone to force the serial to update which it did. After the slaves update the serial is correct but the master server ip list does not update to the full list of ips.

    How do I get all slave zones to have the full list of IP addresses as masters? With several hundred zones I certainly do not want to have to edit them all manually to add each of the IPs to the master servers list on each name server.

    Thanks,
    Ken

     
  • Jamie Cameron
    2014-02-15

    If you first add all the slave servers and then create a new zone, does it get all the expected IPs?

     
  • kwc
    2014-02-16

    Yes - if the slave servers are set up first then new domains get all the slaves defined as masters on the slave servers. But these masters are applied to the new zone, not as default to all zones that exist. I experimented a bit but cannot find any way, short of editing the config file, to get the masters applied to all the existing zones. I tried adding to "additional master ip addresses for slave zones" in Module Config, Cluster Slave Servers. I tried deleting all clustered slave servers and adding them back. I tried setting Zone Defaults, Also notify slaves (listed) - for what it is worth, this list would not stick - it always generated an empty also-notify section in the global options section so I tried adding the ips into the file but that did not propagate all the masters to the slaves. None of these would force the slaves to see all the other slaves as potential sources for updates. I tried editing the conf file and added the also-notify and notify yes to existing zones - no joy there either. I even tried editing a zone to force an update and still no joy. The update propagated but the updated list of also-notify did not flow through as masters to the name servers.

    Am I just stuck editing the named.conf file on each name server to add the masters section to each slave section?

     
  • Jamie Cameron
    2014-02-18

    Sorry, but right now manually editing named.conf is the only option.

    To really fix this Webmin would need a way of adding multiple slaves at once, so that each zone that gets updated knows the IPs of all the slaves.
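
Added example, not part of the original thread and not Webmin code: since manual editing of named.conf is the only option, this Python sketch audits which masters each slave zone trusts and rewrites every existing masters list to one chosen set (the single hidden master, or the full slave list). The function names and the sample fragment (documentation addresses) are assumptions made for illustration.

```python
import ipaddress
import re

ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"[^{;]*\{')
SLAVE_RE = re.compile(r'\btype\s+slave\s*;')
MASTERS_RE = re.compile(r'\bmasters\b[^{;]*\{([^}]*)\}\s*;')

# Constructed sample named.conf fragment (documentation addresses, not from the thread).
SAMPLE = '''
zone "example.com" { type slave; masters { 192.0.2.10; 192.0.2.11; }; file "example.com.hosts"; };
zone "example.net" {
    type slave;
    masters { 192.0.2.10; };
};
zone "example.org" { type master; file "example.org.hosts"; };
'''

def zone_blocks(conf):
    """Yield (name, body_start, body_end) per zone; assumes no braces in comments or strings."""
    for m in ZONE_RE.finditer(conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        if depth == 0:
            yield m.group(1), m.end(), i - 1

def audit_masters(conf):
    """Map each slave zone to the masters entries it will transfer from."""
    found = {}
    for name, start, end in zone_blocks(conf):
        body = conf[start:end]
        if SLAVE_RE.search(body):
            m = MASTERS_RE.search(body)
            found[name] = [e.strip() for e in m.group(1).split(";") if e.strip()] if m else []
    return found

def set_masters(conf, masters):
    """Return conf with each slave zone's existing masters list replaced by `masters`."""
    # ip_address() raises ValueError on anything that is not a literal IPv4/IPv6 address.
    new = "masters { " + " ".join(str(ipaddress.ip_address(a)) + ";" for a in masters) + " };"
    out, pos = [], 0
    for _name, start, end in zone_blocks(conf):
        body = conf[start:end]
        if SLAVE_RE.search(body):
            out.append(conf[pos:start] + MASTERS_RE.sub(lambda _m: new, body, count=1))
            pos = end
    return "".join(out) + conf[pos:]
```

Write the result to a copy of the file and run named-checkconf on it before replacing the live named.conf and reloading BIND.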