DNS Zone Transfer

tastas (Verified User, joined Apr 17, 2009, 5 messages)
I have two DA servers (NS1 and NS2). I want to transfer the DNS Zone between the two servers. I followed the instructions found on the links below. After 2-3 days, DNS Zones were not transferred.

http://www.directadmin.com/help/item.php?id=138
http://help.directadmin.com/item.php?id=97

Here's what I did:
  1. I added NS2 IP with Zone transfer to NS1 Multi Server setup and vice versa. I tested the connection and both gave the "Test OK" message.
  2. I added NS2 IP to IP Management on NS1 and vice versa on NS2.

Here is the named.conf:
// generated by named-bootconf.pl

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;

    // No client may pull the zone by AXFR/IXFR.
    allow-transfer { none; };
    allow-recursion { localnets; };
};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

include "/etc/rndc.key";
zone "example.com" { type master; file "/var/named/example.com.db"; };


Reseller Level shows the correct IP Management and Correct Name Servers.

Server Information
O/S: CentOS 5.2
DirectAdmin Version: 1.33.6
Apache Version: 2.2.11

Suggestions?
 
No one here has any idea?

Due to the DNS zones not being transferred, one of the DNS servers is labeled as a 'lame server'. Does anyone here have any clue why DNS Zones are not transferred in a Multi-server setup?

Help please.
 
A firewall issue seems unlikely, though I'm not exactly sure how the DNS replication works on a DirectAdmin server. It looks like DA is using an internal replication rather than AXFR.

I've just grepped a /var/log/messages file of a server which is linked with another DirectAdmin server and I'm not seeing any AXFR entries. Though other servers who are linked to non-DA DNS systems are showing AXFR entries all the time.

If it was a firewall issue, DirectAdmin should be unavailable as well, if I'm not mistaken.
 
Are there any config files that would allow DNS2 to communicate with DNS1? I did a DIG on the domain. It shows both DNS servers as authoritative.

Secondly, I checked each server and their /var/named/slave is empty. Do I have to designate 1 DNS as Master and 1 as Slave? Or could both be master?
 
If you're using the DirectAdmin multi server setup, then getUP is right, the transfer is proprietary, not by AXFR, and both machines will have master records. The slave subdirectory will remain empty.

And in any event, both master and slave records are authoritative.

Jeff
 
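Jeff's reply explains that under the multi-server setup both machines hold master records and both must answer authoritatively. The check below is an added example, not code from the thread or from DirectAdmin: it parses dig-style SOA replies captured from NS1 and NS2 (the sample replies, hostnames and serial are constructed) and reports a missing zone, a non-authoritative (lame) answer, or serials that disagree between the two servers.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class SoaAnswer:
    server: str
    authoritative: bool    # aa flag present in the reply header
    serial: Optional[int]  # SOA serial, None when no SOA was returned

FLAGS_RE = re.compile(r"^;; flags: ([a-z ]+);")
SOA_RE = re.compile(r"^\S+\s+\d+\s+IN\s+SOA\s+\S+\s+\S+\s+(\d+)")

def parse_dig_soa(server: str, output: str) -> SoaAnswer:
    """Parse the header flags and the first SOA record from dig output."""
    authoritative, serial = False, None
    for line in output.splitlines():
        m = FLAGS_RE.match(line)
        if m:
            authoritative = "aa" in m.group(1).split()
            continue
        m = SOA_RE.match(line)
        if m and serial is None:
            serial = int(m.group(1))
    return SoaAnswer(server, authoritative, serial)

def check_zone(answers: List[SoaAnswer]) -> List[str]:
    """Return problems found; an empty list means the servers agree."""
    problems = []
    for a in answers:
        if a.serial is None:
            problems.append(f"{a.server}: no SOA record, zone not present or not replicated")
        elif not a.authoritative:
            problems.append(f"{a.server}: answered without aa flag (lame server)")
    serials = {a.serial for a in answers if a.serial is not None}
    if len(serials) > 1:
        problems.append("SOA serials differ: " + ", ".join(f"{a.server}={a.serial}" for a in answers))
    return problems

# Constructed sample replies, shaped like the output of `dig @NS1 example.com SOA`.
NS1_OUT = """;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
example.com.  14400  IN  SOA  ns1.example.com. hostmaster.example.com. 2009041701 14400 3600 1209600 86400
"""
# NS2 never received the zone: it answers, but with no SOA and no aa flag.
NS2_OUT = ";; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n"

if __name__ == "__main__":
    for p in check_zone([parse_dig_soa("NS1", NS1_OUT), parse_dig_soa("NS2", NS2_OUT)]):
        print(p)
```

Run it against real output by feeding each server's `dig @<server> <zone> SOA` reply to parse_dig_soa; a zone that replicated correctly yields no problems.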
2 I added NS2 IP to IP Management on NS1 and vice versa on NS2.
Hello,

If I'm reading your statement correctly, that would imply that both box1 and box2 each have the same 2 IPs loaded in their network device.

If that is the case, then it would not be correct since 2 servers cannot have the same IP under normal network conditions.

What you should have:

Box1:
- IP Manager: IP of Box1
- Multi Server Setup: IP of Box2

Box2:
- IP Manager: IP of Box2
- Multi Server Setup: IP of Box1

and that's it.

Likely, the tests are passing because DA is connecting to itself, since the IP you'd be connecting to exists locally due to the incorrect network setup. So remove the IPs that don't belong in the IP Manager, and then connections to the other IPs will actually leave the server.

John
 
Fixed

Thank you so much everyone. Removing the IP in IP Management fixed the problem... Hmm... I wonder why it didn't work the first time. I remember it not being added during the first few tests of DNS Zone Transfers.
 