Notifying a Slave Name Server Not in a Zones NS Records

Notifying a Slave Name Server Not in a Zone s NS Records

3.13.1 Problem

You want to notify a slave name server not listed in the NS records for a zone of changes to that zone's serial number.

3.13.2 Solution

Use the also-notifysubstatement as a zone substatement, to apply only to changes to that zone:

zone "foo.example" {
 type master;
 file "db.foo.example";
 also-notify { 192.168.0.2; };
};

Or use it as a substatement to the options statement, to apply to all zones for which this name server is authoritative:

options {
 directory "/var/named";
 also-notify { 192.168.0.2; };
};

3.13.3 Discussion

There are lots of reasons not to list a slave name server in a zone's NS records; you've made it a slave because the resolvers that query it frequently look up records in the zone, but you don't want other name servers querying it, for example. This kind of a slave name server is called a stealth slave. See Section 7.5 for instructions on configuring a stealth slave.

However, you probably want your stealth slave to be alerted of changes to the zone as quickly as the other slaves for the zone. Since the other authoritative name servers for the zone have no automatic way of discovering your stealth slave, you need to explicitly configure the slave's master name server to send it NOTIFY messages. Remember to configure only your stealth slave's master name server to notify it -- it'll ignore NOTIFY messages from other name servers.

Note that also-notify isn't supported as an options substatement in older versions of BIND 8. Support was introduced in BIND 8.2.2.

3.13.4 See Also

Section 7.5 for instructions on configuring a stealth slave name server and "DNS NOTIFY (Zone Change Notification)" in Chapter 10 of DNS and BIND.

Getting Started

Zone Data

BIND Name Server Configuration

Electronic Mail

BIND Name Server Operations

Delegation and Registration

Security

Interoperability and Upgrading

Resolvers and Programming

Logging and Troubleshooting

IPv6



DNS & BIND Cookbook
DNS & BIND Cookbook
ISBN: 0596004109
EAN: 2147483647
Year: 2005
Pages: 220
Authors: Cricket Liu

Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net