Re: 'succesful' nsupdate of remote server not persistent across nameserver restart?

Fri, 29 Apr 2016 20:37:31 -0700 

On Mon, Apr 25, 2016, at 11:44 AM, jaso...@mail-central.com wrote:
> Now back to figuring this^ out :-/

I started from scratch, now on bind 9.10.4.

After update, I'm preserving my jnl files, but they're sill not getting written 
to zone files on nameserver restart.

With this update file

        cat ~/nsupdate.txt
                server ns01.example.com
                local 10.0.0.17
                debug yes
                zone example.com.
                update add test.example.com. 300 in TXT "YYYYYY"
                show
                send

I exec the nsupdate

        $NSUPDATE ~/nsupdate.txt

In my nameserver log I get

        Apr 29 20:03:24 ns01 named[3440]: 29-Apr-2016 20:03:24.810 
update-security: info: client 10.0.0.17#17687/key jason-key: view external: 
signer "jason-key" approved
        Apr 29 20:03:24 ns01 named[3440]: 29-Apr-2016 20:03:24.810 update: 
info: client 10.0.0.17#17687/key jason-key: view external: updating zone 
'example.com/IN': adding an RR at 'test.example.com' TXT "YYYYYY"

I can see the change

        dig TXT test.example.com @ns01.example.com +short
                "YYYYYY"

Checking at this time in the nameserver's chroot & init dirs,

        ls -altr /var/chroot/named/namedb/master/example.com* && \
        ls -altr /etc/named/namedb/master/example.com*

I see the .jnl only in the chroot

                -rw-r----- 1 named named 1.2K Apr 29 20:01 
/var/chroot/named/namedb/master/example.com.zone
        !!!     -rw-r--r-- 1 named named  789 Apr 29 20:03 
/var/chroot/named/namedb/master/example.com.zone.jnl
                -rw-r----- 1 named named 1.2K Apr 29 20:01 
/etc/named/namedb/master/example.com.zone

It's got the update in it

        named-journalprint /var/chroot/named/namedb/master/example.com.zone.jnl 
| grep TXT
                add test.example.com. 300     IN      TXT     "YYYYYY"

I then restart the nameserver

        systemctl stop named
        systemctl start named

Checking again, since my chroot explicitly copies the journals, I now see the 
jnl in BOTH the chroot dir and the init dir

        ls -altr /var/chroot/named/namedb/master/example.com* && \
        ls -altr /etc/named/namedb/master/example.com*
                -rw-r----- 1 named named 1.2K Apr 29 20:01 
/var/chroot/named/namedb/master/example.com.zone
        !!!     -rw-r--r-- 1 named named  789 Apr 29 20:03 
/var/chroot/named/namedb/master/example.com.zone.jnl
                -rw-r----- 1 named named 1.2K Apr 29 20:01 
/etc/named/namedb/master/example.com.zone
        !!!     -rw-r--r-- 1 named named  789 Apr 29 20:03 
/etc/named/namedb/master/example.com.zone.jnl

with the update correct

        named-journalprint /var/chroot/named/namedb/master/example.com.zone.jnl 
| grep TXT && \
        named-journalprint /etc/named/namedb/master/example.com.zone.jnl | grep 
TXT
                add test.example.com. 300     IN      TXT     "YYYYYY"
                add test.example.com. 300     IN      TXT     "YYYYYY"

But obviously, the named re-start did NOT write the zone files -- the data's 
still, just in the jnl's, not in the zone files

        grep YYYYY \
         /var/chroot/named/namedb/master/example.com.zone \
         /etc/named/namedb/master/example.com.zone
                (empty)

It's official.  This is driving me nuts.

Jason
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to