Haim Dimermanas wrote:
> Hi all,
>
> I own the domain dudle.net and I signed up with secondary.com to get
> secondary (slave) name servers for this domain. On the master, I use
> potato with bind 8.2.3-0.potato.1 (the current stable bind package).
>
> My problem is the following: the master sends NOTIFY requests to the
> slaves for that zone every 8 seconds (sometimes 10 sec, sometimes 4
> sec).
>
> Not only does it make the logs grow like hell, but it creates useless
> traffic. For the log part, I inserted the following lines in my
> named.conf:
>
> logging {
>     category notify { null; };
> };
>
> It does the trick as far as syslog is concerned.
>
> From the DNS and BIND book (O'Reilly), chapter 10.2:
>
> DNS NOTIFY works like this: when a primary master name server notices
> a change to data in a zone, it sends a special request to all of the
> slave servers for that zone. It determines which servers are the
> slaves for the zone by looking at the list of NS records in the zone
> and taking out the one that points to the name server listed in the
> first record-specific field in the zone's SOA record as well as the
> local host.
>
> The thing is, my zone file doesn't change every 10 seconds! I don't
> understand why named sends the NOTIFY like that.
>
> First, the entry in the named.conf:
>
> zone "dudle.net" {
>     type master;
>     file "/etc/bind/db.dudle.net";
>     allow-transfer {
>         key 1287.2552.nominum.;
>     };
> };
>
> Note that I can add the line "notify no;" to this zone declaration. In
> this case, the master won't send the NOTIFY all the time, it won't even
> send them when it should.
>
> Second, the actual zone file (just the SOA and NS entries):
>
> $TTL 20M
> dudle.net. IN SOA ns1.linuxroot.org. root.dudle.net. (
>         2001042307 ; serial
>         40M        ; refresh
>         20M        ; retry
>         1W         ; expiry
>         20M )      ; minimum
> @ IN NS ns1.linuxroot.org.
> @ IN NS ns2.linuxroot.org.
> @ IN NS ns1.secondary.com.
> @ IN NS ns2.secondary.com.

My understanding of DNS/BIND is that the SOA and NS entries are in
seconds, which would explain your problem quite nicely... Why don't you
try to change the numbers to the actual seconds, and see if that
helps... See my SOA below...

$TTL 86400
@ SOA ns1.uberLAN.net. hostmaster.uberLAN.net. (
        2001042001 ; serial
        21600      ; refresh
        1800       ; retry
        1209600    ; expire
        43200      ; default_ttl
        )

Hope this helps. One last thing... you may want to upgrade your BIND,
there was a nasty exploit just a couple of weeks ago.

~duane

>
> Last, the log entries (in /var/log/syslog):
>
> 16:25:16 named[29325]: Sent NOTIFY for "dudle.net IN SOA 2001042308" (dudle.net); 2 NS, 2 A
> 16:25:16 named[29325]: Received NOTIFY answer (AA) from 198.133.199.3 for "dudle.net IN SOA"
> 16:25:16 named[29325]: Received NOTIFY answer (AA) from 198.133.199.4 for "dudle.net IN SOA"
>
> And I see that stuff happening between 10 and 15 times a minute.
>
> If anyone has a clue, I am listening. I will try to install bind from
> source to see if it's a debian specific problem but if you already know
> ... help!
>
> Haim.
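
The symptom described in this thread (NOTIFYs sent again and again while the zone serial stays the same) can be checked for in the logs. The following is an added example, not part of the original messages: it parses lines in the syslog format quoted above and reports every zone and serial announced more than once, with the gaps between sends. The sample log, the `example.test` zone and the function names are constructed for illustration, and the script assumes all lines fall on a single day.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the syslog lines quoted in the thread.
SAMPLE_LOG = """\
16:25:16 named[29325]: Sent NOTIFY for "dudle.net IN SOA 2001042308" (dudle.net); 2 NS, 2 A
16:25:16 named[29325]: Received NOTIFY answer (AA) from 198.133.199.3 for "dudle.net IN SOA"
16:25:24 named[29325]: Sent NOTIFY for "dudle.net IN SOA 2001042308" (dudle.net); 2 NS, 2 A
16:25:34 named[29325]: Sent NOTIFY for "dudle.net IN SOA 2001042308" (dudle.net); 2 NS, 2 A
16:25:38 named[29325]: Sent NOTIFY for "dudle.net IN SOA 2001042308" (dudle.net); 2 NS, 2 A
16:40:02 named[29325]: Sent NOTIFY for "example.test IN SOA 2001042301" (example.test); 1 NS, 1 A
"""

# Matches only outgoing NOTIFYs; an optional hostname may sit between the
# timestamp and "named[pid]:" as in a full syslog line.
SENT_RE = re.compile(
    r'(?P<time>\d{2}:\d{2}:\d{2}) (?:\S+ )?named\[\d+\]: '
    r'Sent NOTIFY for "(?P<zone>\S+) IN SOA (?P<serial>\d+)"'
)

def to_seconds(hms):
    """Convert HH:MM:SS to seconds since midnight."""
    h, m, s = (int(part) for part in hms.split(":"))
    return h * 3600 + m * 60 + s

def notify_sends(log_text):
    """Map (zone, serial) -> send times in seconds since midnight, in log order."""
    sends = defaultdict(list)
    for line in log_text.splitlines():
        match = SENT_RE.search(line)
        if match:
            key = (match["zone"], match["serial"])
            sends[key].append(to_seconds(match["time"]))
    return sends

def repeated_notifies(log_text, max_per_serial=1):
    """Report (zone, serial) pairs announced more often than max_per_serial.

    A NOTIFY announces a zone change, so many sends for one unchanged
    serial is the anomaly to look for.
    """
    report = {}
    for key, times in notify_sends(log_text).items():
        if len(times) > max_per_serial:
            gaps = [later - earlier for earlier, later in zip(times, times[1:])]
            report[key] = {"count": len(times), "gaps_s": gaps}
    return report

if __name__ == "__main__":
    for (zone, serial), info in repeated_notifies(SAMPLE_LOG).items():
        print(f"{zone} serial {serial}: {info['count']} NOTIFYs, gaps {info['gaps_s']} s")
```
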