Re: Getting dynamic entries into their db files
Hello John.

Cherney John-CJC030 wrote:

[rndc freeze ]
> Thanks! I hadn't tried that. I have a problem with that, though. I don't
> know which of my ~600 zones will or won't have dynamic updates.

Well, if there is a .jnl file for a zone, it needs to be flushed. A bit of shell scripting can generate the rndc freeze and thaw commands.

Dynamic updates issued while a zone is frozen will be lost, unless the updating application handles the error and retries often enough. So you probably don't want to freeze zones too long.

> It
> doesn't appear that there is a way to do an rndc freeze on all of my
> zones at once, or pass a wildcard in as the zone name.

Indeed. I don't know a way to force BIND to write out all zone files without interrupting normal service. Maybe the folks on bind-users know more.

AFAIK, the nearest you can get is to set "flush-zones-on-shutdown" and restart the nameserver:

| flush-zones-on-shutdown
|     When the nameserver exits due receiving SIGTERM, flush or
|     do not flush any pending zone writes.
|     The default is flush-zones-on-shutdown no.

Also keep in mind that flushing the journal removes IXFR availability up to the current serial number, although this point shouldn't matter much if all slaves are already in sync.

I agree with Mark, though, that static backups of dynamic zones are often useless, except for emergencies where all authoritative servers lost the zone. If you restore zones and journals from backup, you lose changes from the timeframe between the snapshot and restoration and need to force a retransfer on all slave servers or manually increase the serial number. It's probably better to sync the current zone from a secondary server before re-enabling dynamic updates.

Hauke.

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
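
The shell scripting mentioned in the message above, as an added example that is not part of the original post or of BIND. It assumes each zone file is named "<zone>.db" with its journal beside it as "<zone>.db.jnl"; the function names and that naming scheme are hypothetical. It only prints the commands, freezing one zone at a time so that each zone rejects updates for as short a time as possible.

```shell
#!/bin/sh
# Added example: print a freeze / copy / thaw plan for zones that have a journal.
# Assumption: zone files are "<zone>.db" and journals "<zone>.db.jnl" in one
# directory; adapt the suffix handling to the local naming scheme.

# zones_with_journal DIR -> one zone name per line
zones_with_journal() {
    for jnl in "$1"/*.db.jnl; do
        [ -f "$jnl" ] || continue        # glob matched nothing
        base=${jnl##*/}
        printf '%s\n' "${base%.db.jnl}"
    done
}

# backup_plan ZONEDIR BACKUPDIR -> shell commands on stdout; nothing is run here
backup_plan() {
    zonedir=$1
    backupdir=$2
    zones_with_journal "$zonedir" | while IFS= read -r zone; do
        # The output is meant to be reviewed and fed to sh, so refuse any
        # name that contains characters outside a plain DNS name.
        case $zone in
            *[!A-Za-z0-9._-]*)
                echo "skipping suspicious name: $zone" >&2
                continue ;;
        esac
        # freeze syncs the journal into the zone file and suspends updates;
        # the copy runs only if freeze succeeded, thaw runs in either case.
        printf "rndc freeze %s && cp -p '%s/%s.db' '%s/'; rndc thaw %s\n" \
            "$zone" "$zonedir" "$zone" "$backupdir" "$zone"
    done
}

# Usage: sh plan.sh /path/to/zones /path/to/backup > plan.txt
if [ "$#" -eq 2 ]; then
    backup_plan "$1" "$2"
fi
```

Zones without a .jnl file have no pending journal and can be copied without a freeze.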
Re: Getting dynamic entries into their db files
Mark Andrews writes:
> Have you really thought about this? The correct way to
> backup the DNS is to use slaves. If all is going well you
> will only lose a minute or two of changes. You really
> don't want to roll back to what is in backup tapes.

At our site, I administer several FreeBSD and Linux boxes. Several of the FreeBSD boxes run slaves for the express purpose of disaster recovery. If you make sure that all the zone files' names for your slaves exactly match the files used for the master zones, you can promote one of the slaves to be a master providing you save your master DNS's configuration files on the slaves, maybe in a tar ball that you refresh each day via cron.

Your tar ball needs to not overwrite the actual zone data as this would totally defeat the purpose, but it does need to overwrite the present named configuration so as to become the new master.

What you do about coming up on your master's address is totally up to you, but you could use a virtual interface if the slave is on the same subnet as was the master, or you could conceivably reconfigure the interface temporarily if possible, but the object is to have a presence on the IP address of your master so you can resume dynamic control.

We actually did lose our master one evening as all were going home for the day. The FreeBSD box that was our master had the OS on one drive and /var on another. The boot drive died so bind actually continued to work but we had no control any longer. In order to bring the new slave up to master status, we had to physically disconnect the Ethernet interface of the master.

The slave promotion worked except I discovered the value of checking all file names beforehand. One was wrong and, well, that's another war story.

The main thing is that each slave is a perfect backup for your whole operation. It takes very little effort to set them up and almost no maintenance afterwards. They just run themselves quite nicely.

Martin McCormick
Re: Getting dynamic entries into their db files
In message <708178298b2b4b448e70b9686e60ac860391f...@ct11exm61.ds.mot.com>, "Cherney John-CJC030" writes:
> Is there a way to get dynamic DNS entries out of the jnl files and into
> the zone data file? My understanding is that the two usual ways are to
> run "rndc stop", or to wait a certain period of time. I'm running BIND
> 9.3.5-P1 on Solaris 10. What I am trying to do is to stop DNS, make a
> backup of all of the db files and then restart DNS. I don't want to make
> backups of the jnl files.
>
> To complicate matters, I am doing this on Solaris 10, which uses SMF for
> starting and stopping DNS. The command svcadm disable
> svc:/network/dns/server:default does stop DNS, but it doesn't appear to
> write the dynamic data to the zone data file.
>
> So:
> Is there a better BIND related way of getting that dynamic data into the
> zone data file?
> Is there a better SUN related way of getting that dynamic data into the
> zone data file?
>
> Originally, I had changed the SUN SMF stop method from ":kill" to "rndc
> stop", and that worked fine, except in some cases, it was noticed that
> named was not restarting on reboot. Changing the stop method back to
> ":kill" seems to take care of that problem, but opens up that dynamic update
> commit problem.
>
> Thoughts? Suggestions?
> Thanks in advance!
> jwc
>

Have you really thought about this? The correct way to backup the DNS is to use slaves. If all is going well you will only lose a minute or two of changes. You really don't want to roll back to what is in backup tapes.

If you need to keep snapshots then use dig to extract a copy of the zone from the nameserver.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: ma...@isc.org
Getting dynamic entries into their db files
Is there a way to get dynamic DNS entries out of the jnl files and into the zone data file? My understanding is that the two usual ways are to run "rndc stop", or to wait a certain period of time. I'm running BIND 9.3.5-P1 on Solaris 10. What I am trying to do is to stop DNS, make a backup of all of the db files and then restart DNS. I don't want to make backups of the jnl files.

To complicate matters, I am doing this on Solaris 10, which uses SMF for starting and stopping DNS. The command svcadm disable svc:/network/dns/server:default does stop DNS, but it doesn't appear to write the dynamic data to the zone data file.

So:
Is there a better BIND related way of getting that dynamic data into the zone data file?
Is there a better SUN related way of getting that dynamic data into the zone data file?

Originally, I had changed the SUN SMF stop method from ":kill" to "rndc stop", and that worked fine, except in some cases, it was noticed that named was not restarting on reboot. Changing the stop method back to ":kill" seems to take care of that problem, but opens up that dynamic update commit problem.

Thoughts? Suggestions?
Thanks in advance!
jwc