Hello,
we have a mixed environment at work: CentOS + Win2003 servers. The Win2k3 part contains: AD, DNS (incl. dyndns), DHCP, DFS, Exchange. The CentOS part: NIS passwords + also a DNS server.
So currently we have to update the Linux DNS server zone infos by hand: I export a text file from Windows DNS server and then edit it around using vim.
On the Windows side however it's easy for me to set up additional DNS servers at other machines: I just configure them as "secondary" and they pull zone infos automatically.
I wonder if there is a way to set up such a "secondary" DNS server under CentOS as well?
And no, I'm not asking about how to set up a DNS-forwarder. (Because I want the Linux server to pull and maintain zone infos automatically and to work even if Windows-counterpart is down.)
Regards Alex
I found this useful...
http://technet.microsoft.com/en-us/library/dd316373.aspx
On Thu, Mar 5, 2009 at 6:22 PM, Alexander Farber <alexander.farber@gmail.com> wrote:
> Hello,
> we have a mixed environment at work: CentOS + Win2003 servers. The Win2k3 part contains: AD, DNS (incl. dyndns), DHCP, DFS, Exchange. The CentOS part: NIS passwords + also a DNS server.
> So currently we have to update the Linux DNS server zone infos by hand: I export a text file from Windows DNS server and then edit it around using vim.
> On the Windows side however it's easy for me to set up additional DNS servers at other machines: I just configure them as "secondary" and they pull zone infos automatically.
> I wonder if there is a way to set up such a "secondary" DNS server under CentOS as well?
> And no, I'm not asking about how to set up a DNS-forwarder. (Because I want the Linux server to pull and maintain zone infos automatically and to work even if Windows-counterpart is down.)
> Regards Alex
Hello,
On Thu, Mar 5, 2009 at 12:44 PM, Brian McKerr bmckerr@gmail.com wrote:
thank you, I have the forward zones replicated from the prim. DNS hosted at our Windows DC fine with this config:
    # cat /etc/*release
    CentOS release 5.2 (Final)

    # rpm -qa|grep bind
    bind-libs-9.3.4-6.0.3.P1.el5_2
    bind-9.3.4-6.0.3.P1.el5_2
    ypbind-1.19-8.el5
    bind-utils-9.3.4-6.0.3.P1.el5_2
    bind-chroot-9.3.4-6.0.3.P1.el5_2

    # cat /var/named/chroot/etc/named.conf
    options {
        directory "/var/named";
    };

    zone "internal.mycompany.com" IN {
        type slave;
        file "slaves/internal.mycompany.com";
        masters { 10.121.42.40 port 53; };
        check-names ignore;
    };

    zone "42.121.10.in-addr.arpa" IN {
        type slave;
        file "slaves/10.121.42";
        masters { 10.121.42.40 port 53; };
        check-names ignore;
    };

    include "/etc/rndc.key";
But the replication of the reverse zone doesn't work yet - I get errors:
named[30219]: zone 42.121.10.in-addr.arpa/IN: refresh: unexpected rcode (NXDOMAIN) from master 10.121.42.40#53 (source 0.0.0.0#0)
Maybe I need to use some other name there?
I'm reading up on the "dig" tool currently, trying to find out which zone names are served by the Windows prim. DNS...
Regards Alex
> But the replication of the reverse zone doesn't work yet - I get errors:
> named[30219]: zone 42.121.10.in-addr.arpa/IN: refresh: unexpected rcode (NXDOMAIN) from master 10.121.42.40#53 (source 0.0.0.0#0)
> Maybe I need to use some other name there?
> I'm reading up on the "dig" tool currently, trying to find out which zone names are served by the Windows prim. DNS...
> Regards Alex
You need to authorize the replication of the zone by the slave (Linux) on the master server (Windows).
To do it, the simplest is to change the master zone's properties on the Windows server:
- add the Linux server as domain name server for the zone
- authorize the zone transfer for all servers listed as domain name server for the zone (so it will enable the Linux server to replicate)
regards,
On Fri, Mar 6, 2009 at 10:05 AM, Alain RICHARD alain.richard@equation.fr wrote:
> > But the replication of the reverse zone doesn't work yet - I get errors:
> > named[30219]: zone 42.121.10.in-addr.arpa/IN: refresh: unexpected rcode (NXDOMAIN) from master 10.121.42.40#53 (source 0.0.0.0#0)
> You need to authorize the replication of the zone by the slave (Linux) on the master server (Windows). To do it, the simplest is to change the master zone's properties on the Windows server:
> - add the Linux server as domain name server for the zone
> - authorize the zone transfer for all servers listed as domain name server for the zone (so it will enable the Linux server to replicate)
Thank you Alain, but actually I have authorized both zones in Windows DNS server settings - both for forward and the reverse zones. But the reverse zone isn't replicated and the "file" (specified in named.conf) isn't created for the reverse zone.
I suspect maybe the zone name is wrong here? (i.e. not accepted by the Windows prim. DNS server):
    zone "42.121.10.in-addr.arpa" IN {
        type slave;
        file "slaves/10.121.42";
        masters { 10.121.42.40 port 53; };
        check-names ignore;
    };
Regards Alex
Ok, figured it out:
    # cat /var/named/chroot/etc/named.conf
    options {
        directory "/var/named";
    };

    zone "internal.mycompany.com" IN {
        type slave;
        file "slaves/internal.mycompany.com";
        masters { 10.121.42.40 port 53; };
        check-names ignore;
    };

    zone "121.10.in-addr.arpa" IN {
        type slave;
        file "slaves/10.121";
        masters { 10.121.42.40 port 53; };
        check-names ignore;
    };

    include "/etc/rndc.key";
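The refresh error in this thread names the zone the slave asked for and the master it asked, and a direct SOA query to that master shows which zone it really hosts. As an added example (not part of the original thread, and not code from any poster), this Python script parses the named log line quoted above, builds the matching dig query, and reads the served zone apex from the SOA record in a dig reply; the dig reply and its ns.example names are constructed sample data.

```python
import re

# Refresh-failure line format as logged by named in the thread above.
REFRESH_RE = re.compile(
    r"zone (?P<zone>\S+)/IN: refresh: unexpected rcode \((?P<rcode>\w+)\) "
    r"from master (?P<master>[0-9.]+)#(?P<port>\d+)")

def parse_refresh_failure(line):
    """Return zone, rcode, master and port from a named refresh error, or None."""
    m = REFRESH_RE.search(line)
    return m.groupdict() if m else None

def soa_probe_command(failure):
    """dig command asking the master itself, without recursion, for the SOA."""
    return "dig @{master} -p {port} {zone} SOA +norecurse".format(**failure)

def enclosing_zone(dig_output):
    """Owner name of the SOA in the ANSWER or AUTHORITY section of dig output.
    A negative reply carries the hosting zone's SOA in AUTHORITY (RFC 2308)."""
    section = None
    for line in map(str.strip, dig_output.splitlines()):
        if line.startswith(";;") and line.endswith("SECTION:"):
            section = line[2:].split()[0]
        elif line and not line.startswith(";") and section in ("ANSWER", "AUTHORITY"):
            fields = line.split()
            if len(fields) >= 5 and fields[2] == "IN" and fields[3] == "SOA":
                return fields[0].rstrip(".").lower()
    return None

def suggest_zone(log_line, dig_output):
    """Compare configured zone and served apex; rename is True if it lies below."""
    failure, apex = parse_refresh_failure(log_line), enclosing_zone(dig_output)
    if not failure or not apex:
        return None
    zone = failure["zone"].rstrip(".").lower()
    return {"configured": zone, "served": apex, "rename": zone.endswith("." + apex)}

# LOG is quoted from the thread; DIG is a constructed sample reply.
LOG = ("named[30219]: zone 42.121.10.in-addr.arpa/IN: refresh: unexpected rcode "
       "(NXDOMAIN) from master 10.121.42.40#53 (source 0.0.0.0#0)")
DIG = """\
;; QUESTION SECTION:
;42.121.10.in-addr.arpa.  IN  SOA
;; AUTHORITY SECTION:
121.10.in-addr.arpa. 3600 IN SOA ns.example. hostmaster.example. 1 900 600 86400 3600
"""

if __name__ == "__main__":
    print(soa_probe_command(parse_refresh_failure(LOG)))
    print(suggest_zone(LOG, DIG))
```

When `rename` is true, the slave stanza should use the served name, which matches the change to `121.10.in-addr.arpa` in the working named.conf above.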
Alexander Farber wrote:
> Hello,
> we have a mixed environment at work: CentOS + Win2003 servers. The Win2k3 part contains: AD, DNS (incl. dyndns), DHCP, DFS, Exchange. The CentOS part: NIS passwords + also a DNS server.
> So currently we have to update the Linux DNS server zone infos by hand: I export a text file from Windows DNS server and then edit it around using vim.
> On the Windows side however it's easy for me to set up additional DNS servers at other machines: I just configure them as "secondary" and they pull zone infos automatically.
> I wonder if there is a way to set up such a "secondary" DNS server under CentOS as well?
> And no, I'm not asking about how to set up a DNS-forwarder. (Because I want the Linux server to pull and maintain zone infos automatically and to work even if Windows-counterpart is down.)
You can specify multiple forwarders if you have more than one server already set up the way you want. Named will find one that works and cache the results locally for its time to live. Once you have a couple of robust boxes configured it is easier to do that on the rest than to deal with local zones everywhere.
Or, if you really want to act as a secondary, just make a zone type of 'slave' and specify the masters and a file to hold the zone info. You will also have to permit the transfer to this host on the windows server side.
On Thu, Mar 5, 2009 at 2:47 PM, Les Mikesell lesmikesell@gmail.com wrote:
> You can specify multiple forwarders if you have more than one server already set up the way you want. Named will find one that works and cache the results locally for its time to live. Once you have a couple of robust boxes configured it is easier to do that on the rest than to deal with local zones everywhere.
> Or, if you really want to act as a secondary, just make a zone type of 'slave' and specify the masters and a file to hold the zone info. You will also have to permit the transfer to this host on the windows server side.
Yes thanks, I've realized that I want a "slave" in BIND-talk and I probably should use the "file" option too.
If anyone already has some good configs, please share
Regards Alex