Ubuntu – Master Server Bind is OK but Slave NO


I installed two DNS servers (BIND 9); the first is the master, the second is the slave.

In Master Server:

The file /etc/bind/named.conf.local

zone "globaltic.tk" {
    type master;
    file "/etc/bind/db.globaltic.tk";
    notify no;
    allow-transfer { 192.168.1.2; };

};

  zone "1.168.192.in-addr.arpa" {
    type master;
    notify no;
    file "/etc/bind/db.1.168.192.in-addr.arpa";
    allow-transfer { 192.168.1.2; };

};

Now the zone file db.globaltic.tk:

$TTL 604800
@  IN      SOA     NS1.globaltic.tk.      root.globaltic.tk. (
                                                    ** 1 ;serial **
                                                    3600 ;refresh
                                                    3600 ;retry
                                                    **2419200 ;expire**
                                                    3600 ) ;minimum TTL
@           IN      NS      NS1.globaltic.tk.
@           IN      NS      NS2.globaltic.tk.
@           IN      MX  10  mail.globaltic.tk.
NS1         IN      A       192.168.1.1
NS2         IN      A       192.168.1.2
mail        IN      A       192.168.1.2
www         IN      A       192.168.1.3

In Slave Server:

The file /etc/named.conf.local:

//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "globaltic.tk" {
    type slave;
    file "/var/cache/bind/db.globaltic.tk";
    masters { 192.168.1.1; };

};

zone "1.168.192.in-addr.arpa" {
    type slave;
    file "/var/cache/bind/db.1.168.192.in-addr.arpa";
    masters { 192.168.1.1; };

};

The file /var/cache/bind/db.globaltic.tk

$ORIGIN .
$TTL 604800     ; 1 week

globaltic.tk            IN SOA  NS1.globaltic.tk. root.globaltic.tk. (
                            **2011041410 ; serial**
                            3600       ; refresh (1 hour)
                            3600       ; retry (1 hour)
                            **3600       ; expire (1 hour)**
                            3600       ; minimum (1 hour)
                            )
                    NS      NS1.globaltic.tk.
                    NS      NS2.globaltic.tk.
                    MX      10 mail.globaltic.tk.

$ORIGIN globaltic.tk.
mail                    A       192.168.1.2
NS1                     A       192.168.1.1
NS2                     A       192.168.1.2
www                     A       192.168.1.3

The contents of /etc/resolv.conf on the master NS1:

search globaltic.tk
nameserver 192.168.1.1

The contents of /etc/resolv.conf on the slave NS2:

search globaltic.tk
nameserver 192.168.1.1
nameserver 192.168.1.2

The problem is:

- The update cannot be made between the master and slave, even though I restarted BIND and rebooted each server.

- When I run nslookup ns1 or nslookup mail on the master server it works, but on the slave it gives me this message:

  ;; connection timed out; No servers Could Be Reached

Best Answer

There are at least two problems. (1) As highlighted in your post, something got messed up with the serial numbers. The slave has a greater serial number than the master so it will not update its zone data when it receives a notify from the master. Assuming you are using the YYYYMMDDNN convention for serial numbers, update the master zone file to 2011052300. (2) You have notify no; set so the master won't send notifications. Remove that (in both places). After that restarting named on the master should allow the slave to start updating.

As for the timeout running nslookup, there may be a firewall blocking access from ns2 to ns1, or you have some ACLs in your named.conf that you aren't showing.
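
The serial comparison behind point (1) of the answer, as an added example that is not part of the original post: it reads the SOA serial from each zone file and applies RFC 1982 serial arithmetic to decide whether the slave would pull a new copy. The function names and the sample zone strings are assumptions constructed for illustration; only the serial values come from the post and the answer.

```python
import re

HALF = 1 << 31  # half of the 32-bit SOA serial space (RFC 1982)

def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than serial b under RFC 1982 arithmetic."""
    a, b = a % (1 << 32), b % (1 << 32)
    # A difference of exactly 2**31 is undefined in RFC 1982; treated as "not newer".
    return (a > b and a - b < HALF) or (a < b and b - a > HALF)

def soa_serial(zone_text: str) -> int:
    """Extract the serial from a parenthesised SOA record in zone-file text."""
    # Drop ';' comments first so they cannot be mistaken for fields.
    body = "\n".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    match = re.search(r"\bSOA\b[^(]*\(\s*(\d+)", body)
    if match is None:
        raise ValueError("no parenthesised SOA record found")
    return int(match.group(1))

def slave_will_transfer(master_zone: str, slave_zone: str) -> bool:
    """A slave pulls the zone only when the master's serial is newer than its own."""
    return serial_gt(soa_serial(master_zone), soa_serial(slave_zone))

# Constructed sample input: SOA records carrying the serials shown in the post.
MASTER_ZONE = """$TTL 604800
@  IN  SOA  NS1.globaltic.tk. root.globaltic.tk. (
        1 ; serial
        3600 ; refresh
        3600 ; retry
        2419200 ; expire
        3600 ) ; minimum TTL
"""
SLAVE_ZONE = """$TTL 604800
globaltic.tk  IN SOA  NS1.globaltic.tk. root.globaltic.tk. (
        2011041410 ; serial
        3600 ; refresh
        3600 ; retry
        3600 ; expire
        3600 ) ; minimum
"""
# Master zone with the serial the answer suggests.
FIXED_MASTER_ZONE = MASTER_ZONE.replace("1 ; serial", "2011052300 ; serial")

if __name__ == "__main__":
    print("as posted:", slave_will_transfer(MASTER_ZONE, SLAVE_ZONE))
    print("after fix:", slave_will_transfer(FIXED_MASTER_ZONE, SLAVE_ZONE))
```

The same check run against live servers would compare the SOA serial each server returns for the zone; the parser here handles only the parenthesised SOA layout used in the post.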