HOWTO: Sync to external DNS servers

I don't have a lot of time at the moment, should be departing any time now.

But I've read your scripts, there are a couple of mistakes in them, personally I should not use this.
You want to rsync the .db zone files, this is not required.

There is no protection against double zones.
There is no form of logging.

I do have to admit, if you get the ssh thingy working, that part is quite nice ;).

I'll post a more in-depth post later on, if Jeff doesn't do this earlier.
 
"You want to rsync the .db zone files, this is not required."

Actually, each nameserver will act as a master server so the .db zone files are needed. Unless there is a way those can be autogenerated that I don't know about.


"There is no protection against double zones."

True! Something that needs to be tweaked/added in..

"There is no form of logging."

Correct, as I mentioned it was a quick set of scripts..

Thanks for the comments, I know a couple people are working on another solution but this worked for me in the meantime..
 
Ok, my last version of the dns sync setup...

Note that this version has NO protection against double zones, so Bind will crash and burn if it should detect double zones.

This version does have logging by default to a /var/log/namedsync file.
As this is a 'service' run by the root user, this should not pose a problem (root is needed to reload Bind if changes are detected).

"Actually, each nameserver will act as a master server so the .db zone files are needed. Unless there is a way those can be autogenerated that I don't know about."
As you can see in my example below, there is no need to let the 'master' nameserver actually be the master server when looking at the DNS.
I usually build a setup in which the master server is the server where the clients are on, and the slave server is the actual primary nameserver (or master) for the domains.

Only problem is, this version of the dns syncer isn't a version I'm proud of, there are a lot of things that can be different (and should be different).

DO NOT USE THESE IN PRODUCTION ENVIRONMENT
The file that's run on the DA server that has the customers on it is: http://montu.sebsoft.nl/Jeff/named.sh

The actual synchronisation works with the following file:
http://montu.sebsoft.nl/Jeff/fetch.montu.sh

Both files are run in a cronjob syncing every 30 minutes. DNS changes are transferred by Bind from master to slave whenever slave checks if there are differences (which happens every x minutes (thought this was 30 min or something)).

Note that I do not support this version, nor should it be used in a production environment by someone who doesn't know exactly how DNS works.
As I've stated in other threads, if Jeff doesn't finish his version within a month or 2, I'll ask him to send me everything he has, so I might be able to finish it.

The license on my version is subject to change, so I would recommend you just look at it for reference purposes, don't use it and wait until Jeff or I release a version that actually does have the ability to live if there are multiple zones the same...

Note that my version is also a quick set of scripts I wrote after reading up a book on how Bind can work in production environments. It was in no way meant to be published ;).
 
My good news is that our work is ready for beta test.

I'll post a link in the next day or so, as I won't have time tonight.

Jeff
 
Anyone want to run a beta test for me?

I'm just too busy.

Besides even though I didn't write it, I specced it, so I wouldn't be the best tester.

So if anyone wants to beta test it let me know.

Thanks.

Jeff
 
I've done some work on Bind, so while we're not using DA yet, if you show me your scripts, I could probably see if there are any glaring problems.
 
It should work on any system, not just BIND; it was written to allow anyone to use it to create slave config file snippets from master config file snippets, and then to check for duplicates (which could occur if one server was offering slaving for lots of master servers) and catch them so BIND wouldn't fail to start.

Please contact me by email for download information; my current email is at the bottom of each of my posts.

Thanks.

Jeff
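
One way to do what the post above describes, generating slave zone entries from several masters' config snippets and catching duplicates before BIND sees them (an added example, not Jeff's tool or any script from this thread). The snippet layout, the `slaves/` file path and the sample zones and addresses are assumptions; zone names are also validated, since the snippets come from other hosts.

```python
import re

# Assumed input layout (named.conf entries as a master server would list them):
#   zone "example.com" { type master; file "/var/named/example.com.db"; };
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*(?:IN\s*)?\{[^}]*?\btype\s+master\s*;', re.I)
LABEL = r"[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?"
# Strict name check: a zone name read from another host must never be able
# to smuggle extra statements into the generated config.
NAME_RE = re.compile(rf"{LABEL}(?:\.{LABEL})*")

def master_zones(snippet):
    """Normalized names of every 'type master' zone in a named.conf snippet."""
    return [m.group(1).lower().rstrip(".") for m in ZONE_RE.finditer(snippet)]

def build_slave_config(masters):
    """masters maps master IP (trusted local setting) -> snippet text.
    Returns (config_text, duplicates, rejected); the first master keeps a zone."""
    owner, duplicates, rejected = {}, [], []
    for ip in sorted(masters):              # fixed order keeps runs repeatable
        for zone in master_zones(masters[ip]):
            if len(zone) > 253 or not NAME_RE.fullmatch(zone):
                rejected.append((zone, ip))
            elif zone in owner:             # a second definition is a double zone
                duplicates.append((zone, owner[zone], ip))
            else:
                owner[zone] = ip
    stanzas = [
        f'zone "{z}" {{ type slave; masters {{ {ip}; }}; file "slaves/{z}.db"; }};'
        for z, ip in sorted(owner.items())
    ]
    return "\n".join(stanzas) + "\n", duplicates, rejected

# Constructed sample input; addresses are from the documentation ranges.
SAMPLE = {
    "192.0.2.10": 'zone "example.com" { type master; file "/var/named/example.com.db"; };\n'
                  'zone "shared.example" { type master; file "/var/named/shared.example.db"; };\n',
    "198.51.100.7": 'zone "Shared.Example." { type master; file "/var/named/shared.example.db"; };\n'
                    'zone "example.org" { type master; file "/var/named/example.org.db"; };\n'
                    'zone "bad name;x" { type master; file "/var/named/x.db"; };\n',
}

if __name__ == "__main__":
    config, dups, bad = build_slave_config(SAMPLE)
    print(config, end="")
    for zone, kept, dropped in dups:        # these lines would go to the sync log
        print(f"# duplicate {zone}: kept {kept}, ignored {dropped}")
    for zone, ip in bad:
        print(f"# rejected zone name {zone!r} from {ip}")
```

Write the result to a temporary file and run `named-checkconf` on it before replacing the live include and reloading BIND.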
 