Re: secondary DNS server
On Thu, Aug 12, 2010 at 7:33 AM, Olav Vitters o...@vitters.nl wrote:
progress.gnome.org also works
I just finished work on the DNS slave. I went with progress due to the
initial suggestion that signal was built on Gentoo (which we've since
learned is not the case). I didn't want to have to maintain much on a
Gentoo machine (call me lazy) and I started the work before I learned
signal was Debian, so that is how it ended up on the Ubuntu 10.04 LTS
server.
In any case, bind9 is running now on progress and is acting as a slave
to menubar. I see there are additional configured zones on other
servers, which I've commented out until those can be configured with
allow-transfer definitions for the new slave. Someone may need to
inform me where these other boxes are and who to contact for them.
Also, I configured BIND chrooted, which requires manual work on
Debian. Debian does not include a -chroot package like RHEL does, so
manually creating the chroot environment is required. I matched the
directory structure of menubar (the RHEL definition) to be standard
between the two machines. For example,
/var/named/chroot/etc/named.conf can be found in the same location,
and zone data is found in /var/named/chroot/{slave,master}, etc.
If you have any questions about the setup please let me know. I'm sure
it can be improved a bit, as it is a bit of a hybrid between RHEL and
Debian configurations, but it is functional.
I'll add the new NS record to the existing zones by the end of the day.
Christer
___
gnome-infrastructure mailing list
gnome-infrastructure@gnome.org
http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Mon, Aug 16, 2010 at 02:25:38PM -0600, Christer Edwards wrote: On Thu, Aug 12, 2010 at 7:33 AM, Olav Vitters o...@vitters.nl wrote: progress.gnome.org also works In any case, bind9 is running now on progress and is acting as a slave to menubar. I see there are additional configured zones on other servers, which I've commented out until those can be configured with allow-transfer definitions for the new slave. Someone may need to inform me where these other boxes are and who to contact for them. If you restricted allow-transfer, you'll have to allow transfers from all our existing slaves. Recommend being careful before making such changes. Further, the whois records should be updated (otherwise it will never know about the slave, unless badly cached). -- Regards, Olav ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Mon, 2010-08-16 at 22:52 +0200, Olav Vitters wrote: On Mon, Aug 16, 2010 at 02:25:38PM -0600, Christer Edwards wrote: On Thu, Aug 12, 2010 at 7:33 AM, Olav Vitters o...@vitters.nl wrote: progress.gnome.org also works In any case, bind9 is running now on progress and is acting as a slave to menubar. I see there are additional configured zones on other servers, which I've commented out until those can be configured with allow-transfer definitions for the new slave. Someone may need to inform me where these other boxes are and who to contact for them. If you restricted allow-transfer, you'll have to allow transfers from all our existing slaves. Recommend being careful before making such changes. Further, the whois records should be updated (otherwise it will never know about the slave, unless badly cached). Maybe we should just (nicely, with thanks!) ditch the other slaves? A primary and secondary should be enough for our needs. - Owen ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Mon, Aug 16, 2010 at 2:52 PM, Olav Vitters o...@vitters.nl wrote: If you restricted allow-transfer, you'll have to allow transfers from all our existing slaves. Recommend being careful before making such changes. Good call. I've removed the allow-transfer back to the default, allowing all. I'm used to managing internal DNS data and limiting the transfers. progress is now serving all the same zones menubar is. The whois records at the registrar will need to be handled by someone that has access to those..? I'm sure I don't have that information. Christer ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
Maybe it's better to update the wiki at the same time, http://live.gnome.org/Sysadmin/Servers So that you won't forget what the progress is used for and also won't confuse other sysadmins. just an idea. :-) On Mon, Aug 16, 2010 at 10:07 PM, Christer Edwards christer.edwa...@gmail.com wrote: On Mon, Aug 16, 2010 at 2:52 PM, Olav Vitters o...@vitters.nl wrote: If you restricted allow-transfer, you'll have to allow transfers from all our existing slaves. Recommend being careful before making such changes. Good call. I've removed the allow-transfer back to the default, allowing all. I'm used to managing internal DNS data and limiting the transfers. progress is now serving all the same zones menubar is. The whois records at the registrar will need to be handled by someone that has access to those..? I'm sure I don't have that information. Christer ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure -- Ray Wang - Follow your dreams ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Wed, Aug 11, 2010 at 06:26:34PM -0600, Christer Edwards wrote: I'd be happy to set this up, and I'm more than familiar with BIND (I'm the DNS guy at my office). If anyone would like to pipe in with their opinions regarding where to put it, go ahead. Suggest signal.gnome.org -- Regards, Olav ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Wed, Aug 11, 2010 at 11:37 PM, Olav Vitters o...@vitters.nl wrote: On Wed, Aug 11, 2010 at 06:26:34PM -0600, Christer Edwards wrote: I'd be happy to set this up, and I'm more than familiar with BIND (I'm the DNS guy at my office). If anyone would like to pipe in with their opinions regarding where to put it, go ahead. Suggest signal.gnome.org progress.gnome.org also works -- Jeff Schroeder Don't drink and derive, alcohol and analysis don't mix. http://www.digitalprognosis.com ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
Suggest signal.gnome.org progress.gnome.org also works I think I'll go with progress as I still don't have an account on signal. Christer ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Re: secondary DNS server
On Thu, Aug 12, 2010 at 06:44:58AM -0600, Christer Edwards wrote: Suggest signal.gnome.org progress.gnome.org also works I think I'll go with progress as I still don't have an account on signal. You should be able to now. First time you'll need to login with a password. So please setup key authetication. Last time it had Debian. Seems they've switched to Gentoo :-( Nice thing about Signal is that I don't break it (unlike the Ubuntu machines) plus the hosting location does the security updates. -- Regards, Olav ___ gnome-infrastructure mailing list gnome-infrastructure@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
