On Aug 20, 2013, at 2:36 PM, LuKreme <krem...@kreme.com> wrote: > > On 18 Aug 2013, at 19:20 , Noel Butler <noel.but...@ausics.net> wrote: > >> As has been said already, there is really very little to it, and unless you >> sent it to Alan off-list, you still have _NOT_ provided the error logs >> after being asked by more than one person. > > Thanks, I thought I was clear. > > I am *not* getting any errors, so there are no error logs. However, I am > currently running each server as a master.
You started this thread with "I was getting errors so I switched to all
masters" -- we wanted to help you fix the initial problem. We've now gone off
on a "don't fix the old stuff, make new stuff work" tangent, so, never mind
about the error messages.
> What I am looking for is something (docs, a writeup, a how-to, anything) on
> converting a master bind 9.9 server to a slave bind 9.9 server. I see a lot
> on converting a slave to a master.
You don't find anything, because it's so easy:
To convert master to slave:
if you have:
zone example.com {
type master; // I own this.
file "files/example.com"; // Here's where I read them from
};
it will become:
zone example.com {
type slave; // Now a slave
file "files/example.com"; // Must now be writable by BIND
masters { 192.168.1.1; }; // IP address of master server here
};
Bazinga!
> 1. RAW versus TEXT
> 2. allow transfer
> 3. notify
> 4. key files<1>
> 5. dnssec-enable
> 6. managed-keys
1: you don't care, as the new slave will xfer over the old data
2: read the documentation, it's not part of master/slave transition, setup
good acls
3: notify just works unless you have odd configuration
4: you don't want the same key files on more than one server
5: not related to master/slave, just leave it enabled
6: that's dnssec-validation related
If you have any specific questions on these items, ask them, otherwise there
are a number of classes around (I teach one of them, several other people on
the list [that have responded to you, if I remember right] also teach them) and
I would recommend either a class or a book (again, several come to mind).
A fantastic (free) resource is: http://www.zytrax.com/books/dns/
> and any changes in how root servers are setup since I am pretty sure that has
> changed since I first setup bind 9.1 many eons ago (2002?).
If you are Internet visible, you don't do anything with configuring anything
about the roots, as it "just works" (compiled into bind since 9.3ish).
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
