
Named slave zone not updating

Running any DNS server that supports recursive queries for external users (an Open DNS) is a bad idea.

The BIND DNS configuration provides the following functionality:

// MASTER & CACHING NAME SERVER for EXAMPLE, INC.
// 23 july 2003 - did something more
//
options ;
//
// log to /var/log/named/all events from
// info UP in severity (no debug)
// defaults to use 3 files in rotation
// BIND 8.x logging MUST COME FIRST in this file
// BIND 9.x parses the whole file before using the log
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
logging;
// required zone for recursive queries
zone "." ;
zone "example.com" in;

Slave DNS Servers with View Clause

When using a Slave server with view clauses it is important to recall that, even when NOTIFY is used, the Slave always initiates the zone transfer operation using an INCOMING DNS operation (TCP on Port 53 normally).

To ensure the correct domain is transferred, the match-clients and/or match-destinations statements associated with the views must ensure that the requesting Slave server's IP is directed to the view containing the zone file that should be transferred.

Comments are included in the files to describe functionality.

The configuration used throughout is: Everyone has their own ideas on a good naming convention and thus something that is supposed to be useful becomes contentious. Its sole merits are: it is a convention; it makes sense to its authors.

Red Hat Security Enhanced Linux (SELinux) policy security protections: Red Hat have adopted the National Security Agency's SELinux security policy (see and recommendations for security, which are more secure than running named in a chroot and make use of the bind-chroot environment unnecessary.

By default, named is not allowed by the SELinux policy to write, create or delete any files EXCEPT in these directories:

$ROOTDIR/var/named/slaves
$ROOTDIR/var/named/data
$ROOTDIR/var/tmp

where $ROOTDIR may be set in /etc/sysconfig/named if bind-chroot is installed.
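A check built on the directory list above, as an added example (not code from the original page or from BIND or Red Hat): it scans a named.conf for slave zones whose file would be written outside the directories named may write to under the default SELinux policy, in which case the transferred zone cannot be saved. The sample configuration, the function names, and the /var/named fallback for the directory option are assumptions.

```python
import posixpath
import re

# Directories the page lists as writable by named under the default SELinux policy.
WRITABLE = ("var/named/slaves", "var/named/data", "var/tmp")

# Constructed sample named.conf fragment (not from the original page).
SAMPLE_CONF = '''
options { directory "/var/named"; };   // base for relative file names
zone "example.com" in { type slave; file "slaves/example.com.db"; masters { 192.0.2.1; }; };
zone "example.net" in { type slave; file "example.net.db"; masters { 192.0.2.1; }; };
zone "example.org" in { type master; file "example.org.db"; };
'''

# A zone clause with at most one level of nested braces (e.g. masters { ...; };).
# Zones nested inside view clauses are found too, since the search is not anchored.
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}', re.S)


def strip_comments(text):
    """Remove /* */, // and # comments (assumes no comment markers inside quoted strings)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)


def unwritable_slave_zones(conf, rootdir=""):
    """Return (zone, resolved_path) for slave zones stored outside the writable directories."""
    conf = strip_comments(conf)
    root = rootdir.strip("/")
    m = re.search(r'\bdirectory\s+"([^"]+)"', conf)
    base = m.group(1) if m else "/var/named"  # assumed default when no directory option is set
    allowed = [posixpath.join("/", root, d) for d in WRITABLE]
    findings = []
    for name, body in ZONE_RE.findall(conf):
        if not re.search(r'\btype\s+(slave|secondary)\s*;', body):
            continue  # only zones written by zone transfer matter here
        f = re.search(r'\bfile\s+"([^"]+)"', body)
        if not f:
            continue  # no file statement: nothing is written to disk
        inside = posixpath.join(base, f.group(1)).lstrip("/")
        path = posixpath.normpath(posixpath.join("/", root, inside))
        parent = posixpath.dirname(path)
        if not any(parent == a or parent.startswith(a + "/") for a in allowed):
            findings.append((name, path))
    return findings


if __name__ == "__main__":
    for zone, path in unwritable_slave_zones(SAMPLE_CONF):
        print(f"{zone}: {path} is outside the SELinux-writable directories")
```

Pass the value of ROOTDIR from /etc/sysconfig/named as the second argument when bind-chroot is installed.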

Note: For most Linux distributions you have a small overhead at the beginning to rename the supplied files but the author considers it worthwhile in the long run to avoid confusion.