Here is how I achieved in configuring my BIND 9.4.3-P2 server to work aas a Slave DNS server for domain zones.
1. Copy your default Bind DNS configuration file to /var/named/etc/namedb
freebsd# cp -rpf /usr/src/etc/namedb/named.conf /var/named/etc/namedb
2. If /etc/namedb/named.conf symlink is not existing create one
Note: Follow this step only if the /etc/namedb/named.conf file is not there!
freebsd# ln -sf /var/named/etc/namedb /etc/namedb/named.conf
3. Open your /var/named/etc/namedb/named.conf file and add the following entries in options
Look for where options { starts in the file and add there the following bind configuration directives:
allow-query { 1.2.3.4; 127.0.0/8; };
allow-transfer { 127.0.0.1; 1.2.3.4; };
transfer-format many-answers;
Note: In the above code you will have to substitute the 1.2.3.4 with your actual primary nameserver (master) nameserver IP address.
Edit the listen-on {} directive in named.conf
To do so search for listen-on { in named.conf with your text editor of choice.
The dafault named.conf file will actually include something like:
listen-on { 127.0.0.1; }
After the 127.0.0.1 you will have to add your actual external IP address to which your seconday DNS server is configured to point.
For instance mine is ns1.www.pc-freak.net and the domain resolves to 83.228.93.76, therefore I included the 83.228.93.76 right after the 127.0.0.1; so finally my listen-on configuration looked like the following:
listen-on { 127.0.0.1; 83.228.93.76; }
4. Now it comes to adding the actual domain names zone files to your secondary DNS
You will have to add something similar to:
zone "yourdomain.com" {
type slave;
file "slave/yourdomain.com";
masters { 1.2.3.4; }; };
In above code you will again have to exchange the yourdomain.com with your actual domain name which is already served by the Primary NS.
Again the 1.2.3.4 stands for the IP address of your Primary / (Master) DNS server and needs to be substituted as well with your correct IP.
Note: Something very important to warn you here! In the above zone configuration directives where it says:
file "slave/yourdomain.com";
Don’t ever think about changing the path file “slave/…”, if you do so your Bind DNS server will either not start-up or if it starts will not be able to find your domain name!!!
It took me about 2 hours to realize this stupid mistake! So again BEWARE of making the same mistake!
5. Create an empty domain zone file and set the proper permissions to it
freebsd# mkdir /var/named/etc/namedb/slave/yourdomain.com
freebsd# chown bind:wheel /var/named/etc/namedb/slave/yourdomain.com
Once again substitute yourdomain.com in the above command with your actual domain name previously set in the named.conf
6. Check that your named.conf configuration has been correct and restart your name server
The below command should execute without any warnings or errors, if you don’t have mistakenly written something wrong in your named.conf.
freebsd# named-checkconf
freebsd#
Whenever you are sure no config errors are present you can happily restart your nameserver.
freebsd# /etc/rc.d/named restart
Now your domain names zone files which you just have configured in your FreeBSD powered seconday DNS server should start being transferred from the DNS master server.
In order to check that you can try to make some fictios subdomain name in some of your Master DNS zone files and change the version of the file.
After the restart the changes should end up also in your seconday DNS server.
Just to close the post I’ll have to inform you that my Primary Master DNS server was BIND 9.5.1-P3 actually a newer release than the Seconday one running on my FreeBSD, anyhow this was not a problem at all.
The BIND 9.5.1-P3 was acutally running on a Debian Lenny GNU/Linux.
More helpful Articles
Tags: How to add a secondary (slave) DNS bind server on FreeBSD
