Re: multi-master with mysql backend

2011-02-09 Thread Steve Arntzen
 I need really something very simple:


 I have 2 domain name servers, I need them to be multi-master
 Please explain -- *why* do you need multimaster?


I need to be able to update the nameserver even if one of the two
masters is down, I need this for High Availability purposes for
services geographically distributed

If I do not have a multimaster architecture and primary nameserver
goes down, I cannot update the secondary if I need to.



How about rsync?

I too need a second master in an alternate location, only in the event
of a catastrophe (loss of a data center).  There are active slaves with
dynamic zones in both locations.  Any of the slaves can use either
master, but by default, they use the one listed first in named.conf
which is the master in the main location.  If the first master
disappears, the slaves will use the other master.

Simplicity is important to me as well and that's why I chose rsync to
periodically get the zone data (and configs) to the master in the
secondary location.  I looked into MySQL (which I use for other
purposes), but the solution was no longer simple.

Steve.




___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


bind9: debugging information in logs

2011-02-09 Thread Pavel Sukhoy
Hello,

Could you please give me clarification about debugging mode. 

In the BIND9.7 ARM I found this:
...
The server can supply extensive debugging information when it is in
debugging mode. If the server’s global debug level is greater than zero,
then debugging mode will be active. The global debug level is set either
by starting the named server with the -d flag followed by a positive
integer, or by running rndc trace. The global debug level can be set to
zero, and debugging mode turned off, by running rndc notrace. All
debugging messages in the server have a debug level, and higher debug
levels give more detailed output. Channels that specify a specific debug
severity, for example:

    channel specific_debug_level {
        file "foo";
        severity debug 3;
    };

will get debugging output of level 3 or less any time the server is in
debugging mode, regardless of the global debugging level.
...

But on BIND 9.7.2-P3 I have seen that if only severity debug [level] is
set in the channel configuration and at the same time the debugging level
is 0, I see information for this debugging level in the log file. I think
something is wrong.

-- 
With best regards,
Pavel Sukhoy

Re: compile error bind-9.7.2-P3 osx 10.5.8 ppc

2011-02-09 Thread Bill Larson

On Feb 8, 2011, at 8:43 PM, donovan jeffrey j wrote:


greetings

i was able to update ssl to OpenSSL 1.0.0c 2 Dec 2010
when i try and recompile bind I get an error on make

Undefined symbols:
 _RSA_generate_key_ex, referenced from:
 _opensslrsa_generate in libdns.a(opensslrsa_link.o)
 _DSA_generate_parameters_ex, referenced from:
 _openssldsa_generate in libdns.a(openssldsa_link.o)
 _DH_generate_parameters_ex, referenced from:
 _openssldh_generate in libdns.a(openssldh_link.o)
ld: symbol(s) not found
collect2: ld returned 1 exit status
make[2]: *** [named] Error 1
make[1]: *** [subdirs] Error 1
make: *** [subdirs] Error 1


Remember that MacOS X includes OpenSSL.  Are you really updating the
version of OpenSSL supplied by Apple, or are you installing a second,
and newer, version of OpenSSL in a different directory?


Where did you install the OpenSSL package?  Did you use the defaults,
which installs in /usr/local/ssl?


What configure option(s) did you use when building BIND?  Did you
explicitly state --with-openssl?  The default, not specifying
with-openssl, will use Apple's OpenSSL, which is OpenSSL 0.9.7, not
OpenSSL 1.


I ***just*** successfully built BIND 9.7.2-P3 with OpenSSL 1.0.0.c.  I
am also running MacOS X 10.5.8, but on an Intel machine rather than
PPC.  My added OpenSSL was installed in its default location,
/usr/local/ssl.  The configure command for building BIND was
./configure --with-openssl=/usr/local/ssl.  Note that I explicitly
specified the path for OpenSSL to avoid using the Apple supplied version
of OpenSSL.


Bill Larson


syntax/format of zone on slave $ORIGIN/paragraph - sorted?

2011-02-09 Thread Walter Smith
Hello,

I have bind/named running on Linux master and slaves. All is good, but now when 
I’m trying to clean up some old records – I realized that sorted zone on slaves 
are quite uneven. What I meant is, the $ORIGIN splits the zone into some 
unknown to me syntax/format. Is there anywhere I can find the 
description/documentation on it – How exactly slave parse the zone from master 
and puts all these arbitrary paragraphs with $ORIGIN.

Thanks,
Walter



Re: syntax/format of zone on slave $ORIGIN/paragraph - sorted?

2011-02-09 Thread Chris Thompson

On Feb 9 2011, Walter Smith wrote:


I have bind/named running on Linux master and slaves. All is good, but
now when I'm trying to clean up some old records - I realized that sorted
zone on slaves are quite uneven. What I meant is, the $ORIGIN splits the
zone into some unknown to me syntax/format. Is there anywhere I can find
the description/documentation on it - How exactly slave parse the zone
from master and puts all these arbitrary paragraphs with $ORIGIN.


Remember that what is transferred from the master to the slave is in
internal (binary) DNS format. The format that the slave writes it to
disc (unless you have specified masterfile-format raw) is the same
as that which named-checkzone would generate with the options
-D -F text -s relative.

As the named-checkzone man page says under -s,

The full format is most suitable for processing automatically by
a separate script. On the other hand, the relative format is more
human-readable and is thus suitable for editing by hand.

More does not mean very, as you have noticed :-)

--
Chris Thompson
Email: c...@cam.ac.uk


Re: about the file command

2011-02-09 Thread Kevin Darcy

On 2/8/2011 9:15 AM, Terry. wrote:

2011/2/8 Matus UHLAR - fantomas <uh...@fantomas.sk>:

On 08.02.11 17:40, Terry. wrote:

Can BIND's file command refer to more than one zone file?
For example,

   zone "test.nsbeta.info" {
       type master;
       file "a.db";
       file "b.db";
   };

When a record doesn't exist in a.db, BIND will continue to look for it in
b.db.

Afaik, no. Why would you want that?


For views catchall.

for example, named.conf has three views enabled by default, some users
have three views setup, but some have only two views setup, so I want
the catchall solution for the lack of a view.

There is no default named.conf. Are you referring to some named.conf 
that was provided in an OS distribution? As part of a third-party DNS 
management tool? Perhaps you need to provide some specifics about your 
particular environment.


The general approach used with views is to include the entries that 
*every* view should see, into each version of the zone(s) in their 
respective views. Yes, this duplicates data and occupies more memory 
than is strictly necessary. If capacity is a problem, you always have 
the option of running separate nameserver instances on separate hardware 
or virtualized OS instances. Views are only a convenience for those who 
have the capacity and the desire to run multiple logical nameserver 
instances inside of a single process running in a single OS image.


This cross-view record-level or RRset-level inclusion can be done either 
through $INCLUDE-file chicanery, or by designing/modifying/configuring 
your DNS maintenance system to make and maintain the relevant entries in 
parallel.


As for selection of views, these are matched in order, so if your last
view has match-clients { any; }; (or, if you prefer,
match-destinations { any; };), this gives you the "not otherwise
matched" behavior you seem to be seeking.




- Kevin
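
Added example (not part of the original post and not BIND's own code): a Python model of the in-order view matching described above, showing a final catch-all view picking up clients that no earlier view matched, and flagging views that sit after an "any" matcher and so can never be selected. The view names and networks are constructed, select_view and unreachable_views are hypothetical helpers, and only address-based match-clients lists are modelled.

```python
import ipaddress

# Constructed view list in named.conf order.
# "any" stands for match-clients { any; };
VIEWS = [
    ("internal", ["10.0.0.0/8", "192.168.0.0/16"]),
    ("partner", ["198.51.100.0/24"]),
    ("catchall", ["any"]),
]


def matches(acl, client):
    """True if client falls in any element of a simplified match-clients list."""
    addr = ipaddress.ip_address(client)
    return any(e == "any" or addr in ipaddress.ip_network(e) for e in acl)


def select_view(views, client):
    """Return the first view, in configuration order, that accepts client."""
    for name, acl in views:
        if matches(acl, client):
            return name
    return None  # no view matched this client


def unreachable_views(views):
    """Views listed after an 'any' matcher can never be selected."""
    for i, (_, acl) in enumerate(views):
        if "any" in acl:
            return [name for name, _ in views[i + 1:]]
    return []


if __name__ == "__main__":
    for client in ("10.1.2.3", "198.51.100.7", "203.0.113.9"):
        print(client, "->", select_view(VIEWS, client))
    print("unreachable:", unreachable_views(VIEWS))
```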





Re: syntax/format of zone on slave $ORIGIN/paragraph - sorted?

2011-02-09 Thread Torinthiel
On 02/09/11 17:34, Walter Smith wrote:
 Hello,
 
 I have bind/named running on Linux master and slaves. All is good, but
 now when I’m trying to clean up some old records – I realized that
 sorted zone on slaves are quite uneven. What I meant is, the $ORIGIN
 splits the zone into some unknown to me syntax/format. Is there anywhere
 I can find the description/documentation on it – How exactly slave parse
 the zone from master and puts all these arbitrary paragraphs with $ORIGIN.

$ORIGIN is simply appended to every name that does not have a dot at the end.
So

$ORIGIN example.com.
www a 1.2.3.4

and

www.example.com. a 1.2.3.4

are completely equivalent.

Now, why would you want to look into slave files, except for verifying
that the zone transfer succeeded?
Torinthiel

Re: syntax/format of zone on slave $ORIGIN/paragraph - sorted?

2011-02-09 Thread Barry Margolin
In article <mailman.43.1297269285.10842.bind-us...@lists.isc.org>,
 Walter Smith <whatis...@yahoo.com> wrote:

 Hello,
 
 I have bind/named running on Linux master and slaves. All is good, but now 
 when I’m trying to clean up some old records – I realized that sorted 
 zone on slaves are quite uneven. What I meant is, the $ORIGIN splits the 
 zone into some unknown to me syntax/format. Is there anywhere I can find 
 the description/documentation on it – How exactly slave parse the zone 
 from master and puts all these arbitrary paragraphs with $ORIGIN.

When writing the zone file on a slave, BIND uses $ORIGIN so that all 
records just have a single label.  So instead of writing:

foo.bar IN A 1.2.3.4

it will write:

$ORIGIN bar

foo IN A 1.2.3.4

If you have a zone with lots of levels of subdomain, the file will have 
lots of $ORIGIN statements as a result.

-- 
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
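
Added example (not part of the original thread and not BIND's own code): a Python function that reads a zone file written in the relative style discussed in the two replies above, tracks each $ORIGIN, and returns every record with its full owner name, which is easier to search or diff when cleaning up records. SAMPLE is constructed, expand_relative_zone and qualify are hypothetical names, and only single-line records are handled.

```python
# Added example: expand a relative-format zone dump to full owner names.
# SAMPLE is constructed for illustration; single-line records only.
SAMPLE = """\
$ORIGIN .
$TTL 3600 ; 1 hour
example.com     IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
                NS  ns1.example.com.
$ORIGIN example.com.
ns1             A   192.0.2.1
www             A   192.0.2.10
$ORIGIN dept.example.com.
host1           A   192.0.2.20
                TXT "lab"
"""


def qualify(name, origin):
    """Absolute form of a name under the current origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin


def expand_relative_zone(text, origin="."):
    """Return [(owner, rest)] with every owner name fully qualified."""
    records, owner = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # naive comment strip
        if not line:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":            # may itself be relative
            origin = qualify(fields[1], origin)
        elif fields[0].startswith("$"):       # $TTL etc.: not a record
            continue
        elif line[0] in " \t":                # blank owner: reuse previous
            if owner is None:
                raise ValueError("record with no owner: " + raw)
            records.append((owner, " ".join(fields)))
        else:
            owner = qualify(fields[0], origin)
            records.append((owner, " ".join(fields[1:])))
    return records


if __name__ == "__main__":
    for owner, rest in expand_relative_zone(SAMPLE):
        print(owner, rest)
```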