Secondary DNS synchronization

Discussion in 'Installation/Configuration' started by Polk, Aug 25, 2010.

  1. Polk

    Polk New Member

    I have installed BIND on DNS1 and DNS2 (two separate servers).
    I have ISPConfig3 on DNS1 only. How can I configure a sync of zones without installing ISPConfig3 on DNS2?
    Is there some way that two BIND servers can sync zones? I mean for existing domains it will sync, but when I create new domains, zones on DNS2 are not created.
    Help please?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Create secondary DNS zones on the second BIND server and BIND will sync the zone contents from the master automatically on updates.
     
  3. Polk

    Polk New Member

    Till, I know this, thank you. My question is: can the zones be synced? If I create a new zone pri.domain.com, can BIND somehow create it on NS2? I'm guessing BIND cannot do that, but are there any other tools that can create the zone on NS2 when it is created on NS1?

    Thank you.
     
  4. matty

    matty Member

    The following is a script I wrote (as part of a wider group of post-action scripts) some years ago to do this when using cPanel. It's not bulletproof, but it did the job. Hopefully, you might find it useful. I don't know if ISPConfig3 has a hook to call an external script following certain actions, but it would be cool if it does.

    This script goes on your secondary, and is called from your primary with something like:

    Code:
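    addslavezone () {
            # Quote both variables so each reaches ssh as one argument. ssh still hands
            # the command line to a shell on the secondary, so $ZONE must be a plain domain name.
            /usr/bin/ssh "$SLAVE" /etc/bind/scripts/addslavezone.sh "$ZONE"
    }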
    
    I'll leave the ssh setup as an exercise for the reader.

    Code:
    #!/bin/bash -
    # Adds a slave zone entry to the designated file.
    # 20060109 - matty
    
    conffile="/etc/bind/named.conf.local"
    # Placeholder address: the one in the original post was obscured by the forum software
    adminemail="admin@example.com"
    zone="$1"
    
    usage () {
    	echo " Usage: $0 <zone>"
    	echo " ie. $0 foobar.com"
    }
    
    # Mail the admin and stop
    abort () {
    	echo "Adding $zone to $(uname -n) FAILED. NOT added at this time. Please check manually." | mail -s "WARNING: Zone $zone failed creation on $(uname -n)" "$adminemail"
    	exit 1
    }
    
    # Make sure we have one argument
    if [ $# -ne 1 ]; then
       usage
       exit 1
    fi
    
    # The name is written verbatim into named.conf, so accept only
    # letters, digits, dots and hyphens
    case "$zone" in
       ""|*[!A-Za-z0-9.-]*) usage; exit 1 ;;
    esac
    
    # Do we already have this zone? (-F matches the name literally, not as a regex)
    exist=$(grep -cF "zone \"$zone\" {" "$conffile")
    if [ "$exist" -ne 0 ]; then
       abort
    fi
    
    
    # Add the zone (the masters address is the primary nameserver)
    cat >> "$conffile" <<EOF
    
    zone "$zone" {
            type slave;
            file "/etc/bind/zones/db.${zone}";
            masters { 111.22.1.2; };
    };
    EOF
    # Make sure adding the zone to the config file worked, else bail.
    # Otherwise, tell BIND to load the updated config.
    if [ $? -ne 0 ]; then
       abort
    else
       /usr/sbin/rndc reconfig
    fi
    
     
  5. Polk

    Polk New Member

    Thank you very much for your reply. It seems exactly what I need, but I want to clarify one thing.
    When you say 'This script goes on your secondary, and is called from your primary', where does it go exactly? Do I need to add it to cron, or how exactly will it be called by the primary?
     
  6. matty

    matty Member

    OK, I'm not sure how to explain this without making a big long post and potentially leading you down the road to problems. The upshot is, if my post didn't make a whole lot of sense to you, some of the concepts are a little beyond "put this here, type abc, run xyz" instructions. Maybe there's scope for a new How-To in this. ;)

    Generally speaking:
    - I'm relying on ISPConfig3 having a way to call an external script after performing some action such as adding a new domain from the web interface. If it doesn't have this, the rest is moot, as you'll have to do things manually anyway.

    Assuming ISPConfig3 can call external scripts:
    - My method relies on using passwordless ssh logins from the ISPConfig3 server to the secondary DNS server. This is so ISPConfig3 can cause the script to be run on the secondary. An example of the command for the ISPConfig3 server is what I gave first, and was a function that could be called from a script on the ISPConfig3 server. I'm assuming the ISPConfig3 server is the primary DNS server for the purposes of your original question.
    - The script can be placed anywhere on the secondary nameserver, but generally speaking, /usr/local/bin is a good place. You have to alter some items in the script to suit your circumstances.

    OK, I'm out of here for the weekend. Hopefully I haven't confused you too much. :eek: :D
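
Added example, not part of the original posts: the passwordless SSH login described above can be limited to this one job by pinning the primary's key to a forced command on the secondary. The wrapper path, the key comment `dns1-sync` and the `logger` tag are hypothetical; `/etc/bind/scripts/addslavezone.sh` is the path used in the thread.

```bash
#!/bin/bash
# Forced-command wrapper for the secondary (added example, not from the thread).
# Hypothetical install path: /usr/local/bin/addslavezone-wrapper.sh
# Pin the primary's key to it in ~/.ssh/authorized_keys on the secondary:
#   restrict,command="/usr/local/bin/addslavezone-wrapper.sh" ssh-ed25519 <PUBLIC-KEY> dns1-sync
# sshd then runs only this wrapper and hands over what the client asked for in
# SSH_ORIGINAL_COMMAND, which is treated below as data and never evaluated.
LC_ALL=C; export LC_ALL                        # make a-z mean ASCII only
ADD_SCRIPT=/etc/bind/scripts/addslavezone.sh   # path used in the thread

# Succeed only for a plain zone name: lowercase letters, digits and hyphens,
# labels of 1-63 chars with no leading/trailing hyphen, two or more labels,
# at most 253 chars. Deliberately stricter than DNS itself (assumption).
valid_zone() {
    local z="$1" rest label
    [ -n "$z" ] && [ "${#z}" -le 253 ] || return 1
    case "$z" in
        *[!a-z0-9.-]*|.*|*.|*..*) return 1 ;;  # quotes, ;, braces, /, spaces, empty labels
    esac
    case "$z" in *.*) ;; *) return 1 ;; esac   # need at least two labels
    rest=$z
    while [ -n "$rest" ]; do
        label=${rest%%.*}
        [ "${#label}" -le 63 ] || return 1
        case "$label" in -*|*-) return 1 ;; esac
        case "$rest" in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
    return 0
}

# Accept "<zone>" or "<ADD_SCRIPT> <zone>" (what the primary's function sends);
# print the zone and succeed only if it validates.
zone_from_request() {
    local zone
    zone=${1#"$ADD_SCRIPT" }
    valid_zone "$zone" && printf '%s\n' "$zone"
}

main() {
    local zone
    if ! zone=$(zone_from_request "$SSH_ORIGINAL_COMMAND"); then
        logger -t addslavezone -p auth.warning \
            "rejected request from ${SSH_CONNECTION%% *}"
        echo "request rejected" >&2
        return 1
    fi
    exec "$ADD_SCRIPT" "$zone"
}

# sshd sets SSH_ORIGINAL_COMMAND only when the client asked for a command.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then main; fi
```

With the key pinned this way, the primary's existing `ssh` call keeps working unchanged, while any other request made with that key is logged and refused.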
     
  7. Polk

    Polk New Member

    Thanks for the details. Yes, I'm relatively new, but will try to dig this. In general, I understood where to start looking for this.

    Have a great weekend!
     
