Quick and Easy Slave DNS setup

kyleodonnell

Verified User
Joined
Oct 8, 2008
Messages
11
First run of the howto; let me know if you find any issues.

MASTER Server

edit /etc/named.conf

add:

Code:
allow-transfer { xx.xx.xx.xx; };

to the options section where xx.xx.xx.xx is the ip of your slave server.

Create a script with the following:

Code:
#!/bin/sh
#
# For every "type master" zone line in named.conf, take the quoted zone name
# and write a matching "type slave" stanza for the slave server.
for domain in `/bin/grep ^zone /etc/named.conf |/bin/grep "type master" |/bin/awk '{print $2}' |/bin/awk -F\" '{print $2}'`
do
    /usr/bin/printf "zone \"${domain}\" { type slave; file \"/var/named/slaves/somedirectory/${domain}.db\"; masters { yy.yy.yy.yy; }; };\n"
done > /var/www/html/somewwwdir/someslavefile.conf

somedirectory is the directory on your SLAVE server to store the slave zones.
yy.yy.yy.yy is your MASTER server ip
somewwwdir is a directory browsable via http
someslavefile.conf is the output file to write your slave config

Test the script to ensure it is writing out the appropriate format.

Run the script as any user with permission to write to an http visible directory via cron.

Code:
0 4 * * * /path/to/script > /dev/null 2>&1

SLAVE SERVER


Code:
scp MASTERSERVER:/etc/rndc.key /etc/ns1rndc.key

Edit ns1rndc.key and change the name of the key definition.

Edit named.conf

add the following to the options section

Code:
allow-transfer { zz.zz.zz.zz; };

append the following to the file:

Code:
include "/etc/ns1rndc.key";
include "/path/to/someslavefile.conf";

Run the following commands

Code:
touch /path/to/someslavefile.conf
mkdir /var/named/slaves/somedirectory/
chown -R named:named /var/named/slaves/somedirectory/
/etc/init.d/named restart

create a script:

Code:
#!/bin/sh
/usr/bin/wget http://yy.yy.yy.yy/somewwwdir/someslavefile.conf -O /var/named/slaves/someslavefile.conf
/etc/init.d/named restart

Add to root cron

Code:
0 4 * * * /path/to/script
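
Added example, not part of kyleodonnell's howto: a stricter version of the two scripts above, written as functions so each side can be tested on its own. The master side (`gen_slave_conf`) does the same job as the grep/awk loop but refuses any zone name that is not plain hostname characters, because whatever lands in someslavefile.conf is later pulled into the slave's named.conf by `include`. The slave side (`filter_fetched_conf`) checks the file it downloaded over plain http and keeps only lines with exactly the stanza shape the master emits, returning non-zero if anything else was in it so the old file can be left in place. `SLAVE_DIR`, `MASTER_IP`, the `gen`/`filter` arguments and the constructed sample zone lines are all assumptions of this example, not values from the howto.

```sh
#!/bin/sh
# Added example (not kyleodonnell's howto script): stricter master-side
# generator plus a slave-side filter for the fetched file.
# SLAVE_DIR and MASTER_IP are placeholders in the spirit of "somedirectory"
# and yy.yy.yy.yy above; override them in the environment.

SLAVE_DIR="${SLAVE_DIR:-/var/named/slaves/somedirectory}"  # zone file directory on the slave
MASTER_IP="${MASTER_IP:-yy.yy.yy.yy}"                       # address the slave transfers from

# MASTER SIDE ---------------------------------------------------------------

# Print the name of every "type master" zone in the named.conf given as $1.
# Expects the one-line zone form DirectAdmin writes, e.g.
#   zone "example.com" { type master; file "/var/named/example.com.db"; };
# The text between the first pair of double quotes is the zone name.
list_master_zones() {
    awk '/^zone[ \t]+"[^"]+"/ && /type[ \t]+master/ {
             split($0, f, "\"")
             print f[2]
         }' "$1"
}

# Zone names may contain hostname characters only (plus "_" for zones such
# as _tcp.example.com). Anything else is refused rather than written into a
# file the slave will later include into its own named.conf.
is_safe_zone_name() {
    printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9_.-]+$'
}

# Emit one "type slave" stanza per master zone; report skipped names on stderr.
gen_slave_conf() {
    list_master_zones "$1" | while IFS= read -r domain; do
        if is_safe_zone_name "$domain"; then
            printf 'zone "%s" { type slave; file "%s/%s.db"; masters { %s; }; };\n' \
                "$domain" "$SLAVE_DIR" "$domain" "$MASTER_IP"
        else
            printf 'skipping zone with unexpected characters: %s\n' "$domain" >&2
        fi
    done
}

# SLAVE SIDE ----------------------------------------------------------------

# The slave fetches the generated file over plain http and includes it, so
# check it before installing: keep only lines that have exactly the stanza
# shape produced above and refuse everything else. Returns 1 if any line was
# rejected, so the caller can keep the previous file and skip the restart.
filter_fetched_conf() {
    stanza='^zone "[A-Za-z0-9_.-]+" [{] type slave; file "/var/named/slaves/[A-Za-z0-9_./-]+\.db"; masters [{] [0-9A-Fa-f.:]+; [}]; [}];$'
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        if printf '%s\n' "$line" | grep -Eq "$stanza"; then
            printf '%s\n' "$line"
        else
            printf 'rejecting unexpected line: %s\n' "$line" >&2
            rc=1
        fi
    done < "$1"
    return $rc
}

# Stand-alone use (paths are the howto's placeholders):
#   master: sh thisscript.sh gen /etc/named.conf > /var/www/html/somewwwdir/someslavefile.conf
#   slave:  sh thisscript.sh filter /tmp/fetched.conf > /path/to/someslavefile.conf \
#             && named-checkconf && /etc/init.d/named restart
case "${1:-}" in
    gen)    gen_slave_conf "$2" ;;
    filter) filter_fetched_conf "$2" ;;
esac
```

On the slave, running `named-checkconf` (BIND's own syntax checker, which reads /etc/named.conf by default) after the filtered file is in place and before the restart means a bad line such as a mismatched quote fails the check instead of taking named down.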
 
It would be good if you separated your code from your instructions using the CODE tags.
 
I used your guide.
I installed a debian with bind9.

When I restarted bind I got this error.
rndc: connect failed: 127.0.0.1 # 953: connection refused

What can I do?
Thank you.
 
What command did you use? rndc only works if BIND is already running.

Jeff
 
The reload command should be used on a running daemon. I'd suggest running with the restart option instead.

Jeff
 
change:
Code:
include '/etc/ns1rndc.key";
include "/path/to/someslavefile.conf";

to:
Code:
include "/etc/ns1rndc.key";
include "/path/to/someslavefile.conf";

And bind9 works fine again.
 
Somebody knows what zz.zz.zz.zz stands for in the above howto?
It's a placeholder for the IP# you need to put in there. If you don't know what to put in there may I courteously suggest you don't really know enough to install this successfully.

jEFF
 
You define:

xx.xx.xx.xx = slave ip
yy.yy.yy.yy = master ip
zz.zz.zz.zz = ??????

The reason why I ask is because if it was slave or master ip, you would have called it "x" or "y" and not "z" I guess.

So please tell me what to put there, I have sync problems now and I would like to know if this is the problem, since I put my master ip here.

Error from online dns check tool:
Code:
Errors=0, Warnings=2, Informational=1 

** Summary: ACCEPTED domain.com.
 - There are 2 warnings to report.

** Full check report:

* primary name server "ns1.domain.com."
  Warning: name server at xx.xx.xx.xx out of sync.
  Info: name server looks correctly configured.

* secondary name server "ns2.domain.com."

domain.com.	14400	IN	SOA	ns1.domain.com.
                                        root.domain.com.
                                        (2008112209 4H 1H 14D 1D) 
  Warning: SOA for name server at xx.xx.xx.xx differs from the primary.
    The SOA record as reported by the name server is different from the
    one found at the first IP-address for the primary name server. This
    means that the synchronisation between the two is not working properly.
 
Ok, I fixed my problem.

I figured out this problem was only with a domain I deleted once from a reseller account, and then created a new user for it.

So after I ran the command:
#rm -r /var/named/slaves/somedir/*
and then ran the .sh script on the slave again.
After that it was all fine again :)

I think I'll add it to the slave.sh script, so that all old data will get removed, and regenerated:

Code:
#!/bin/sh
rm -r /var/named/slaves/somedir/*
/usr/bin/wget http://yy.yy.yy.yy/somewwwdir/someslavefile.conf  -O /var/named/slaves/someslavefile.conf
/etc/init.d/named restart
 
Anyway this setup was not good enough for me.
The dns changes were not realtime.

I managed to get a free 2nd ip for this server from my datacenter and now it's working fine all on 1 server.
 
There have been lots of discussions on why having both logical nameservers on the same physical server is bad (including on this very forum), so I won't go into detail. However I will point out two differences:

1) You only have one physical nameserver; it's on the same machine as your website, and the server goes down: visitors to your site see a message that the domain doesn't exist.

2) You have more than one nameserver, spread out over more than one machine, and the server goes down: visitors to your site see a message that the site is temporarily down.

And ...

From time to time DirectAdmin restarts nameservers. If you've got only one, and it hosts lots of domains, it could take a while to restart. During that time the resolver could time out, and visitors could get a message saying the site is unavailable.

These are the reasons I had Master2Slave DNS Replicator developed, so you could share DNS hosting with someone else, and it's why we offer automated Slave DNS hosting in case you can't get anyone else to share with you.

Jeff
 
hijacking

i'm sorry if i'm hijacking this thread but in the script for the master is something wrong.

Code:
for domain in `/bin/grep ^zone /etc/named.conf |/bin/grep "type master" |/bin/awk '{print $2}' |/bin/awk -F\" '{print $2}'`

should be

Code:
for domain in `/bin/grep ^zone /etc/named.conf |/bin/grep "type master" |/bin/awk '{print $2}'`

and for some users (centos) awk might be in /usr/bin/awk

correct me if i'm wrong but when i changed the above this script worked for me.
 