[plug] DNS Backup NS's
Tim
weirdit at gmail.com
Fri Jul 16 11:48:55 WST 2010
My thought was to have a secure wiki with the slave config as a page. Then
just email on changes so that admin can update when new zones are added.
Tim
On 16 Jul 2010 13:39, "Adrian Woodley" <Adrian at screamingroot.org> wrote:
===Adrian's Remarkably Ad-Hoc Guide to DNS Seconding===
=========
Master server:
=========
-----------------------------------------------------------------------------------------------------
/etc/bind/named.conf (named.conf.local under Ubuntu/Debian):
-----------------------------------------------------------------------------------------------------
zone "mydomain.com" {
type master;
file "/var/cache/bind/db.mydomain.com";
allow-transer {
222.222.222.222;
};
notify yes; // tell the slaves that the zone has changed.
};
--------------------------------------------------------
/var/cache/bind/db.mydomain.com:
--------------------------------------------------------
mydomain.com IN SOA mydomain.com. hostmaster.mydomain.com. (
2010071601 ; serial. YYYYMMDDNN. Increase everytime you change the zone
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.mydomain.com. ; master server (ie, this server)
NS ns2.mydomain.com. ; slave server
ns1 A 111.111.111.111 ; this server's IP
ns2 A 222.222.222.222 ; slave server's IP
; other records...
---------------------
Restart bind:
---------------------
/etc/init.d/bind restart
=========
Slave Server:
=========
-----------------------------------------------------------------------------------------------------
/etc/bind/named.conf (named.conf.local under Ubuntu/Debian):
-----------------------------------------------------------------------------------------------------
zone "mydomain.com" {
type slave;
file "/var/cache/bind/db.mydomain.com";
masters {
111.111.111.111;
};
notify no; // zone changes will originate from the master only.
};
---------------------
Restart bind:
---------------------
/etc/init.d/bind restart
This will automatically pull in the zone from the master server, without the
file needing to be manually created (assuming bind has ownership of
/var/cache/bind).
>From now on, all changes to a zone should be made on the server, taking
particular care to increment the serial (usually with the current date plus
an index). After editing the zone, run:
rndc reload mydomain.com
This will push out the updated zone to all the slave servers, again without
any manual intervention.
Thus, after the initial configuration, the admins on the slave servers
should not be required to do any further work on the zone.
Cheers,
Adrian
On 15/07/10 18:41, Tim wrote:
> >
> > I'm wondering how many people are running VPS's or servers and only
> > have one or two, and would...
>
> > _______________________________________________
> > PLUG discussion list:plug at plug.org.au <list%3Aplug at plug.org.au>
> > http://w...
>
_______________________________________________
PLUG discussion list: plug at plug.org.au
http://www....
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20100716/3913558f/attachment.html>
More information about the plug
mailing list