Hi,
I have configured a master/slave zone, but the initial zone transfer is very slow: nothing happened for about 30 minutes, and then "zone up to date" was logged, but ONLY on the slave. Is the master supposed to show this as well? I have enabled notify on both servers.
These are test VMs, not production, and there is hardly any data in the zone. Could it be a misconfiguration? I have changed TTL, refresh and retry to 100, yet nothing happens. I also tried bumping the serial to trigger an update; this causes the slave to show "Transfer completed: 1 messages" but not "zone up to date". Is there a specific reason this is happening?
Another problem is that once the zone is updated, only the slave shows the message "zone up to date"; the master does not. Is there anything else I should do to speed up the initial update?
I am using named -u named -g -p 53
to run it in foreground
The master does not log any transfer message such as "transfer of 'L00012345.local/IN': AXFR-style IXFR started". It shows only:
01-Jan-2019 07:15:15.527 zone L00144445.local/IN: sending notifies (serial 1)
01-Jan-2019 07:15:15.527 zone 102.168.192.IN-ADDR.ARPA/IN: sending notifies (serial 1)
This is even after the zone has updated.
Forward Zone
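; Forward zone for L00144445.local.
; Records without an owner name must begin with whitespace so they inherit
; the previous owner (the apex). The pasted listing had lost that leading
; whitespace, which would make named read "IN" as an owner name.
$TTL 3H
$ORIGIN L00144445.local.
@       IN SOA  ns1.L00144445.local. admin.L00144445.local. (
                0       ; serial  - a secondary transfers only when this value increases
                1D      ; refresh - how often a secondary checks the SOA when no NOTIFY arrives
                1H      ; retry   - interval between attempts after a failed refresh
                1W      ; expire  - secondary stops answering after this long without a successful refresh
                3H )    ; minimum - TTL used for negative (NXDOMAIN/NODATA) answers
        IN NS   ns1.L00144445.local.
        IN NS   ns2.L00144445.local.
ns1     IN A    192.168.102.191
ns2     IN A    192.168.102.192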
Reverse Zone
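; Reverse zone for 192.168.102.0/24 (102.168.192.IN-ADDR.ARPA).
; Records without an owner name must begin with whitespace so they inherit
; the previous owner (the apex). The pasted listing had lost that leading
; whitespace, which would make named read "IN" as an owner name.
$TTL 3H
$ORIGIN 102.168.192.IN-ADDR.ARPA.
@       IN SOA  ns1.L00144445.local. admin.L00144445.local. (
                0       ; serial  - a secondary transfers only when this value increases
                1D      ; refresh - how often a secondary checks the SOA when no NOTIFY arrives
                1H      ; retry   - interval between attempts after a failed refresh
                1W      ; expire  - secondary stops answering after this long without a successful refresh
                3H )    ; minimum - TTL used for negative (NXDOMAIN/NODATA) answers
        IN NS   ns1.L00144445.local.
        IN NS   ns2.L00144445.local.
191     IN PTR  ns1.L00144445.local.
192     IN PTR  ns2.L00144445.local.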
named.conf MASTER
// Primary (master) server configuration, listening on 192.168.102.191.

// Clients on the lab subnet; referenced by allow-query below.
acl internals {
    192.168.102.0/24;
};

options {
    listen-on port 53 {
        127.0.0.1;
        192.168.102.191;
    };
    listen-on-v6 port 53 {
        ::1;
    };

    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";

    // Zone transfers are permitted to the secondary by source address only.
    // An address match does not authenticate the peer; a TSIG key
    // (allow-transfer { key <name>; }) would do so cryptographically.
    allow-transfer {
        192.168.102.192;
    };

    // This server both recurses and serves authoritative zones; queries are
    // accepted only from localhost and the internals ACL.
    allow-query {
        localhost;
        internals;
    };
    recursion yes;

    dnssec-enable yes;
    // Presumably validated against the trust anchor in the included
    // /etc/named.root.key - confirm that file is current.
    dnssec-validation yes;

    // NOTE(review): the file name refers to the ISC DLV key; the DLV registry
    // has been retired, so confirm whether this line is still needed.
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

// Only the default_debug channel is defined; no category clauses appear in
// this listing, so message routing follows named's built-in defaults.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

// Authoritative zones. Each repeats the options-level allow-transfer and
// sends NOTIFY when the zone changes.
zone "L00144445.local" {
    type master;
    file "L00144445.db";
    allow-transfer {
        192.168.102.192;
    };
    notify yes;
};

zone "102.168.192.IN-ADDR.ARPA" {
    type master;
    file "54444100L.db";
    allow-transfer {
        192.168.102.192;
    };
    notify yes;
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
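// named.conf SLAVE
// Secondary (slave) server configuration, listening on 192.168.102.192.
// Typographic quotes from the pasted listing are replaced with plain ASCII
// double quotes, which is what named.conf string syntax requires.

// Clients on the lab subnet; referenced by allow-query below.
acl internals { 192.168.102.0/24; };

options {
    listen-on port 53 { 127.0.0.1; 192.168.102.192; };
    listen-on-v6 port 53 { ::1; };

    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";

    // NOTIFY is accepted from the primary's address. This is a source-address
    // check only; a TSIG key would authenticate the sender.
    allow-notify { 192.168.102.191; };

    // No options-level allow-transfer appears here, so any zone without its
    // own allow-transfer clause falls back to named's built-in default.
    allow-query { localhost; internals; };
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};  // closing brace was absent from the pasted listing

zone "." IN {
    type hint;
    file "named.ca";
};

// Secondary zones pulled from the primary at 192.168.102.191.
// NOTE(review): allow-transfer here lets the primary pull the zone back from
// this server, and notify yes makes this secondary send its own NOTIFYs;
// confirm both are intended, since neither is needed for a plain
// primary -> secondary setup.
zone "L00144445.local" {
    type slave;
    masters { 192.168.102.191; };
    file "L00144445.db";
    allow-transfer { 192.168.102.191; };
    notify yes;
};

zone "102.168.192.IN-ADDR.ARPA" {
    type slave;
    masters { 192.168.102.191; };
    file "54444100L.db";
    allow-transfer { 192.168.102.191; };
    notify yes;
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";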