DekGenius.com
I l@ve RuBoard Previous Section Next Section

3.13 Notifying a Slave Name Server Not in a Zone's NS Records

3.13.1 Problem

You want to notify a slave name server not listed in the NS records for a zone of changes to that zone's serial number.

3.13.2 Solution

Use the also-notifysubstatement as a zone substatement, to apply only to changes to that zone:

zone "foo.example" {
    type master;
    file "db.foo.example";
    also-notify { 192.168.0.2; };
};

Or use it as a substatement to the options statement, to apply to all zones for which this name server is authoritative:

options {
    directory "/var/named";
    also-notify { 192.168.0.2; };
};

3.13.3 Discussion

There are lots of reasons not to list a slave name server in a zone's NS records; you've made it a slave because the resolvers that query it frequently look up records in the zone, but you don't want other name servers querying it, for example. This kind of a slave name server is called a stealth slave. See Section 7.5 for instructions on configuring a stealth slave.

However, you probably want your stealth slave to be alerted of changes to the zone as quickly as the other slaves for the zone. Since the other authoritative name servers for the zone have no automatic way of discovering your stealth slave, you need to explicitly configure the slave's master name server to send it NOTIFY messages. Remember to configure only your stealth slave's master name server to notify it -- it'll ignore NOTIFY messages from other name servers.

Note that also-notify isn't supported as an options substatement in older versions of BIND 8. Support was introduced in BIND 8.2.2.

3.13.4 See Also

Section 7.5 for instructions on configuring a stealth slave name server and "DNS NOTIFY (Zone Change Notification)" in Chapter 10 of DNS and BIND.

    I l@ve RuBoard Previous Section Next Section