Re: Capabilities and limitations of catalog zones
On 2/9/2022 2:36 AM, Tony Finch wrote: John Thurston wrote: Are we not able to use catalog zones to propagate zone-configuration for anything other than 'master' zones? > It is only for configuring authoritative secondary zones. That's unfortunate, but thanks for the confirmation. I had been looking forward to making this work :( We have only a couple of authoritative zones, but over 60 forward zones. And I expect far more growth and complexity in forward zones than in our authoritative zones (thanks to "cloud", and split private/public name-spaces). At least I now know to draw a line through "catalog zones", and pursue other distribution options. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Capabilities and limitations of catalog zones
John Thurston wrote: > Are we not able to use catalog zones to propagate zone-configuration for > anything other than 'master' zones? It is only for configuring authoritative secondary zones. You are right that this isn't completely clear in the documentation, uless you read the whole section carefully (it is not stated explicitly in the section's introduction). https://bind9.readthedocs.io/en/v9_16_25/advanced.html#catalog-zones Tony. -- f.anthony.n.finchhttps://dotat.at/ Rockall, Malin, Hebrides, Bailey: West, becoming cyclonic, 7 to severe gale 9, occasionally storm 10 except Malin, becoming north or northwest 5 to 7 later. High or very high, occasionally very rough later. Squally wintry showers. Moderate or poor. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Capabilities and limitations of catalog zones
That's right, catalog zones are for synchronizing the list of zones served by
the primary, so that the secondaries can retrieve those zones using AXFR/IXFR.
You can't even use "allow-transfer" on a forward zone, so it is not meant to be
transferred to secondaries.
A couple of observations about your configuration:
> version IN TXT "2"
Currently BIND supports only version "1", though it is not being enforced at
this moment.
> forwarders { 10..11.12.13; };
BIND shouldn't even start with this invalid IP address (two dots).
--
Aram
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Capabilities and limitations of catalog zones
Are we not able to use catalog zones to propagate zone-configuration for
anything other than 'master' zones? I've been playing with catalog zones
in the lab, and am stuck.
I have defined a catalog zone on my primary, with a zone file that looks
like:
$TTL 300
@ IN SOA @ hostmaster.ak.gov. ( 123 60 60 432000 60 )
IN NS invalid.
version IN TXT "2"
e6db03231540bd80933ff1e504e3f43dbdb8f0cd.zones IN PTR ak.gov.
eb1a9a3baa50b96663357a8fe204983748769ed9.zones IN PTR localhost.
I have defined a secondary and told it to consume from the primary. In
the logs, I can see the XFR requests, and the transfer of the zone
'localhost' completes as expected. The zone "ak.gov' does not.
The difference between them is 'localhost' is defined on the primary
like so:
zone "localhost" {
type master;
file "db.localhost";
};
while 'ak.gov' is defined on the primary like so:
zone "ak.gov" {type forward;forward only;forwarders
{ 10..11.12.13; };
};
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
