On Mar 7 2011, David Coulthart wrote:
BIND Version: 9.7.3 on Solaris 9 & 10 (locally compiled)
Our current workflow for managing DNS involves generating master zone
files from a database, pushing the new files to a hidden master nameserver
& then running "rndc reload" on that nameserver.
Based on the ARM & a posting to bind-users[1], I enabled "ixfr-from-differences
master;" on the hidden master expecting the master nameserver would generate
a "diff" from the previous zone file in memory and the new one being loaded
so it could send an IXFR to the slaves. However, every time the slave
requests an IXFR, it gets a non-incremental response & has to perform a
full AXFR. I've configured this in a test environment with a single zone
file so I know the slave has the first version of the zone file before
loading the second version on the master & it still results in a AXFR-style
IXFR. I've explicitly stated the options allow-query & allow-transfer
in the config, but I do not have allow-updates configured, relying on
the implicit default of denying all updates.
Is there something I'm missing to get this working?
Have you tested that the ixfr-from-differences is working at all at
the hidden master? E.g. by
dig ixfr=[some-old-serial] [zone-name] @[hidden-master]
from the slaves (or indeed elsewhere).
There is also a named-journalprint utility which you can apply to the
journal file on the master to check it contains what you hope for.
If those look OK, then it's something else in the configuration of
either master or slaves. I take it you aren't doing anything as
obvious as specifying "request-ixfr no" or "provide-ixfr no" in
server statements.
--
Chris Thompson
Email: c...@cam.ac.uk
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
