I've created secondary dns zone on the slave server, but the zones never transfer even though the slave in on the allow transfer of the primary dns domain record.
Could you please check your directory ownership and permissions. /etc/bind/slave should have set ownership to root.bind and permissions 2770 chown root:bind /etc/bind/slave chmod -R 2770 /etc/bind/slave Regards
None of the guides include this instruction. None of the guides are based on wiki, so that it can be amended by anyone to include this instruction. The guides are made by FALKO. I guess we need to contact him to make the change
Which tutorial did you use? I will update the guide. All guides labeled with "Falko" are from our ISPConfig and howtoforge support team, Falko is one of our employees that published the guides.
This install of bind does not include it: http://www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3-p4 nor here: http://www.howtoforge.com/multiserv...servers-on-debian-squeeze-with-ispconfig-3-p4 and countless others. I've yet to find a guide where the installation of bind includes this instruction.
Thank you for posting the links. The guides are correct and not to blame here as the slave directory is created by the ispconfig installer automatically, it is not created in the guide. The ispconfig installer creates it with user root:bind and 770 permissions. Which ispconfig version did you install? If you did not install version 3.0.5.4p5 initially, which older version did you install first and did you choose "yes" when the updater asks to reconfigure permissions?
The master was installed with 3.0.5.4p4 and the slave was installed with 3.0.5.4p5. The slave was originally setup as a master then ispconfig was uninstalled and re-installed as a slave. The guides used in both cases was: http://www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3 No modifications were done to slave after the guide except for: change of aliases for mail added the virtual IPS of the server (eth0:0, eth0:1,etc) denyhosts was installed The installation used to setup this debian was the non-official 7.7 amd64 netinst with all the firmware. This was because the server needed the BNX driver for the NICS.
I checked that on our test servers, bind is indeed not able to write to that directory with 0770 permissions anymore. I changed that in the ispconfig installer now. http://bugtracker.ispconfig.org/index.php?do=details&task_id=3736
Yeah!!! Great I could be of help. Well, I guess if the installer takes care of it, it saves from having to update the docs.
The same issue has suddenly struck me. The slave server still updates from the master but new zones are not created. I reproduced this problem across all servers and the issue is coincident with the p9 update. Taking my lead from the posts above I checked out the permissions for /etc/bind/slave and then changed them to 2770 as you can see from this first time Jessie installation today: Code: root@v6:/etc/bind# ls -l total 56 -rw-r--r-- 1 root root 2389 Mar 9 23:26 bind.keys -rw-r--r-- 1 root root 237 Mar 9 23:26 db.0 -rw-r--r-- 1 root root 271 Mar 9 23:26 db.127 -rw-r--r-- 1 root root 237 Mar 9 23:26 db.255 -rw-r--r-- 1 root root 353 Mar 9 23:26 db.empty -rw-r--r-- 1 root root 270 Mar 9 23:26 db.local -rw-r--r-- 1 root root 3048 Mar 9 23:26 db.root -rw-r--r-- 1 root bind 463 Mar 9 23:26 named.conf -rw-r--r-- 1 root bind 490 Mar 9 23:26 named.conf.default-zones -rw-r--r-- 1 root bind 343 Apr 20 18:49 named.conf.local -rw-r--r-- 1 root bind 890 Apr 20 16:04 named.conf.options -rw-r----- 1 bind bind 77 Apr 20 16:04 rndc.key d-ws-w--wT 2 root bind 4096 Apr 20 16:38 slave -rw-r--r-- 1 root root 1317 Mar 9 23:26 zones.rfc1918 root@v6:/etc/bind# chmod -R 2770 /etc/bind/slave root@v6:/etc/bind# ls -l total 56 -rw-r--r-- 1 root root 2389 Mar 9 23:26 bind.keys -rw-r--r-- 1 root root 237 Mar 9 23:26 db.0 -rw-r--r-- 1 root root 271 Mar 9 23:26 db.127 -rw-r--r-- 1 root root 237 Mar 9 23:26 db.255 -rw-r--r-- 1 root root 353 Mar 9 23:26 db.empty -rw-r--r-- 1 root root 270 Mar 9 23:26 db.local -rw-r--r-- 1 root root 3048 Mar 9 23:26 db.root -rw-r--r-- 1 root bind 463 Mar 9 23:26 named.conf -rw-r--r-- 1 root bind 490 Mar 9 23:26 named.conf.default-zones -rw-r--r-- 1 root bind 343 Apr 20 18:49 named.conf.local -rw-r--r-- 1 root bind 890 Apr 20 16:04 named.conf.options -rw-r----- 1 bind bind 77 Apr 20 16:04 rndc.key drwsrws--- 2 root bind 4096 Apr 20 16:38 slave -rw-r--r-- 1 root root 1317 Mar 9 23:26 zones.rfc1918 Hey presto - new zones are now being formed. Could the p9 upgrade have upset permissions?
I can confirm that running 'php -q update.php' reverts the permissions on /etc/bind/slave to the above preventing the creation of new slave zones. Is this a bug or a feature?
That's great. Just as an aside if I populate the dns_slave table from another mysql dump how can I get ISPConfig to regenerate the named.conf.local file to add the domain entry and pull across the zone from the master. Currently I'm having to 'deactivate/reactivate' the slave from the CP to force it. I can't work out what script that initiates ... sorry to be so dumb.
That appears to only resync main zones. It merely says 'none' and stops. No secondary zones are synced. I can do them one a time by deactivating/reactivating but when you have hundreds ... EDIT: Doh! Now I understand - resync-ing the master re-syncs the slaves. I was just re-syncing the slave server. That was the problem. Sorry to be a bit thick about this. Fixed.