retransfer zone from stealth master

Wed, 26 Feb 2014 06:58:35 -0800

Noticed some zones weren't transferring, so I tried to see what was up. The logs show its polling the published master (one of my secondaries), which fails since it doesn't have the zone yet. None of my secondaries have it yet.
I was on vacation when the domains were set up, though I had provided instructions on how to do this very task before I left, along with other instructions, since the request was "how do I setup a new secondary"...in the context of DDoS...which I first read as another secondary authoritative nameserver (which didn't make sense to me...since there are other things outside of our groups control that are needed.) 


I later decided the real request was how to make our secondaries slave to a 
departmental nameserver, so that there will still be accessible authorities 
for their (sub)domains after their port 53 gets blocked at the border.  Which 
was that its the same as the last part of our adding a new domain to our DNS 
wiki document, except that instead of slaving from our master nameserver, its 
slaving from the departmental master.


Anyhoo...


How can I get an initial transfer of the zone from a stealth master?  Or do I 
have to wait to get the administrator of the master to give it another kick?



masters {}; contains the IPs for both departmental nameservers, plus IP for 
ns-1.ksu.edu, but logs show its only trying to transfer from ns-1.ksu.edu.



Often, due to historical reasons, some departments only notify ns-1.ksu.edu, 
leaving me to also-notify my other secondaries, etc.  masters {} also used to 
contain every server that could act as an authoritative source...even if the 
instance was host-only (the admin wanted a local recursive caching resolver 
instance, created a full blown authoritative with recursive caching query 
resolver.... that only responds to localhost)  I think there are 8 of these 
still in existence.  They were to be refreshed or eliminated in the near 
future.... ~5 years ago.... (I did remove one or two from my pseudo-script to 
update bind everywhere, last year...)


--
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users






















					Reply via email to