HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


lucani 2nd December 2009 23:25

ISPConfig3 MyDNS-ng master axfr zone transfer to bind9 slave
 
Hello!

It's the 3rd day I've been fighting with zone transfers from MyDNS to the bind server. I've read hundreds of pages from this forum and from Google but it still doesn't work.

First, I set the IPs in "allow zone transfers" in the DNS tab in ISPConfig,
second, I recompiled the fixed mydns-ng (http://www.howtoforge.com/forums/sho...t=32145&page=2),
and then I edited the MyDNS config file (mydns.conf):

Code:

log = LOG_DAEMON        # Facility to use for program output (LOG_*/stdout/stder
pidfile = /var/run/mydns.pid    # Path to PID file
timeout = 120  # Number of seconds after which queries time out
multicpu = 1    # Number of CPUs installed on your system
recursive =                      # Location of recursive resolver
allow-axfr = yes # Should AXFR be enabled?
allow-tcp = no  # Should TCP be enabled? I'm not sure
allow-update = yes      # Should DNS UPDATE be enabled?
ignore-minimum = no    # Ignore minimum TTL for zone?
soa-table = dns_soa    # Name of table containing SOA records
rr-table = dns_rr      # Name of table containing RR data
soa-where = server_id = 1              # Extra WHERE clause for SOA queries
rr-where =  server_id = 1              # Extra WHERE clause for RR queries
use-soa-active = yes # To fix bug 295 where active or inactive status is ignored
use-rr-active = yes # To fix bug 295 where active or inactive status is ignored.
notify-enabled = yes
notify-source xxx.xxx.xxx.xxx

and also the bind config:
(named.conf.options):
Code:

options {
        directory "/var/cache/bind";

        allow-transfer {xxx.xxx.xxx.xxx;};
        dnssec-enable yes; // I'm not sure
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        request-ixfr no;
};

(named.conf):
Code:

zone "zone1.com" IN {
type slave;
file "/var/cache/bind/zone1.com.conf";
masters { xxx.xxx.xxx.xxx; };
allow-notify { xxx.xxx.xxx.xxx; };
};

With this config it's trying to work, but not at all:

When the zone file in /var/cache/bind is deleted, I restart bind and the full zone is transferred by axfr to the slave server. But then it freezes. When I change anything on the primary server (= generate a new serial in the SOA) nothing happens. The slave should be notified, but it isn't. I also want to say that with nslookup and dig @xxx.xxx.xxx.xxx axfr zone1.com everything is all right.

Could you help me with this problem?

till 3rd December 2009 14:47

Do zone transfers initiated with the dig command work? Do you use the latest mydns-ng version?

lucani 3rd December 2009 15:41

Yes, I use MyDNS-NG (mydns-1.2.8.27) downloaded from SourceForge. How can I initiate a zone transfer using dig?

lucani 5th December 2009 12:34

refresh ... it still doesn't work : /

falko 6th December 2009 14:50

Are there any BIND errors in the logs on the slave?

kurv 6th December 2009 17:20

have problem too
make sex 4 day with google,mydns and bind
it's not worked because mydns don't send amxr information (IMHO)
then install mydns-1.2.8.27, and when add new Zone in ISPconfig in to the bottom write IP for my slave dns-server
restart mydns and bind - bingo! all transferring without troubles
PS sorry my bad English (=

lucani 6th December 2009 22:45

Quote:

it's not worked because mydns don't send amxr information (IMHO)
Yes, the slave logs are empty, it didn't receive any information about changes in the master!

Quote:

and when add new Zone in ISPconfig in to the bottom write IP for my slave
Sorry, but I didn't understand. What did you do, that it started working?

kurv 6th December 2009 23:07

it's screen of my admin panel
http://imgs.su/tmp/1260136891.jpg
after this moment - it started working

lucani 7th December 2009 19:08

OK, but I have already done it. It was the first thing I did.

kurv 7th December 2009 23:59

my config-files
maybe it helps

named.conf
Code:

include "/etc/bind/named.conf.options";

zone "." {
        type hint;
        file "/etc/bind/db.root";
};

//zone "localhost" {
//      type master;
//      file "/etc/bind/db.local";
//};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
        allow-update { none; };
};

//zone "0.in-addr.arpa" {
//      type master;
//      file "/etc/bind/db.0";
//};

//zone "255.in-addr.arpa" {
//      type master;
//      file "/etc/bind/db.255";
//};

include "/etc/bind/named.conf.local";

zone "my.domain" {
        type slave;
        file "/etc/bind/zones/db.my.domain";
        masters {IP master server;};
};

named.conf.options
Code:

options {
        directory "/var/cache/bind";

        allow-transfer {77.88.207.78;};
        dnssec-enable yes; // I'm not sure
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

mydns.conf
Code:

db-host = localhost
db-user = ispconfig
db-password = my pass here
database = dbispconfig
user = nobody
group = nogroup
listen = *       
no-listen = 
zone-cache-size = 2048
zone-cache-expire = 60
reply-cache-size = 2048
reply-cache-expire = 30
log = LOG_DAEMON
pidfile = /var/run/mydns.pid
timeout = 120
multicpu = 1 
recursive = 
allow-axfr = yes
allow-tcp = yes 
allow-update = yes
ignore-minimum = no
soa-table = dns_soa
rr-table = dns_rr     
soa-where = server_id = 1
rr-where =  server_id = 1 
use-soa-active = yes
use-rr-active = yes
notify-enabled = yes
notify-source = IP slave server

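The symptom in this thread (initial AXFR works, later serial changes never reach the slave) can be confirmed by comparing the SOA serial each server answers with. The script below is an added example, not code from any poster or from MyDNS/BIND; the function names are hypothetical and the SOA lines are constructed samples. It compares serials with RFC 1982 wraparound arithmetic, which is the comparison a slave uses when deciding whether to transfer.

```shell
#!/bin/sh
# Added example: compares master and slave SOA serials for one zone.

# Pull the serial (3rd field) out of one line of `dig +short SOA` output:
#   mname rname serial refresh retry expire minimum
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# RFC 1982 serial arithmetic: succeeds when $1 is newer than $2,
# allowing for 32-bit wraparound (plain -gt would get that case wrong).
serial_newer() {
    a=$1; b=$2
    [ "$a" -ne "$b" ] || return 1
    if [ "$a" -gt "$b" ]; then
        [ $((a - b)) -lt 2147483648 ]
    else
        [ $((b - a)) -gt 2147483648 ]
    fi
}

# Classify the pair of SOA answers (master first, slave second).
sync_state() {
    m=$(soa_serial "$1"); s=$(soa_serial "$2")
    if [ -z "$m" ] || [ -z "$s" ]; then echo "no-answer"; return 0; fi
    if [ "$m" -eq "$s" ]; then echo "in-sync"
    elif serial_newer "$m" "$s"; then echo "slave-behind"
    else echo "slave-ahead"
    fi
}

# Live version; needs network access, so it is defined but not called here.
# The zone, master and slave arguments are supplied by the operator.
live_check() {
    zone=$1; master=$2; slave=$3
    sync_state "$(dig +short SOA "$zone" @"$master")" \
               "$(dig +short SOA "$zone" @"$slave")"
    # Manual full transfer; only hosts in the master's allow list should get data.
    dig @"$master" "$zone" AXFR
}

# Constructed sample answers: the master has a new serial, the slave has not refreshed.
MASTER_SOA='ns1.zone1.com. admin.zone1.com. 2009120302 28800 7200 604800 86400'
SLAVE_SOA='ns1.zone1.com. admin.zone1.com. 2009120301 28800 7200 604800 86400'
sync_state "$MASTER_SOA" "$SLAVE_SOA"
```

Running `live_check` from the slave host exercises the same path BIND uses; running the AXFR line from a host outside the allowed list is a quick way to confirm the transfer restriction holds.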

