How to add a secondary (slave) DNS BIND server on FreeBSD
Here is how I configured my BIND 9.4.3-P2 server to work as a slave DNS server for domain zones.
1. Copy your default BIND DNS configuration file to /var/named/etc/namedb
freebsd# cp -rpf /usr/src/etc/namedb/named.conf /var/named/etc/namedb
2. If the /etc/namedb/named.conf symlink does not exist, create one
Note: Follow this step only if the /etc/namedb/named.conf file is not there!
freebsd# ln -sf /var/named/etc/namedb/named.conf /etc/namedb/named.conf
3. Open your /var/named/etc/namedb/named.conf file and add the following entries in options
Find where the options { block starts in the file and add the following BIND configuration directives there:
allow-query { 1.2.3.4; 127.0.0.0/8; };
allow-transfer { 127.0.0.1; 1.2.3.4; };
transfer-format many-answers;
Note: In the above code you will have to substitute 1.2.3.4 with the actual IP address of your primary (master) nameserver.
Edit the listen-on {} directive in named.conf
To do so, search for listen-on { in named.conf with your text editor of choice.
The default named.conf file will actually include something like:
listen-on { 127.0.0.1; };
After the 127.0.0.1 you will have to add the actual external IP address to which your secondary DNS server is configured to point.
For instance mine is ns1.pc-freak.net and the domain resolves to 83.228.93.76, therefore I included 83.228.93.76 right after the 127.0.0.1; so finally my listen-on configuration looked like the following:
listen-on { 127.0.0.1; 83.228.93.76; };
4. Now it comes to adding the actual domain name zone files to your secondary DNS
You will have to add something similar to:
zone "yourdomain.com" {
    type slave;
    file "slave/yourdomain.com";
    masters { 1.2.3.4; };
};
In the above code you will again have to replace yourdomain.com with your actual domain name, which is already served by the primary NS.
Again, 1.2.3.4 stands for the IP address of your primary (master) DNS server and needs to be substituted with your correct IP as well.
Note: Something very important to warn you here! In the
above zone configuration directives where it says:
file "slave/yourdomain.com";
Don't ever think about changing the path file "slave/..."; if you
do so, your BIND DNS server will either not start up or, if it starts,
will not be able to find your domain name!!!
It took me about 2 hours to realize this stupid mistake! So again
BEWARE of making the same mistake!
5. Create an empty domain zone file and set the proper permissions on it
freebsd# touch /var/named/etc/namedb/slave/yourdomain.com
freebsd# chown bind:wheel /var/named/etc/namedb/slave/yourdomain.com
Once again, substitute yourdomain.com in the above commands with your actual domain name previously set in named.conf.
6. Check that your named.conf configuration is correct and restart your name server
The command below should execute without any warnings or errors if you have not mistakenly written something wrong in your named.conf.
freebsd# named-checkconf
freebsd#
Whenever you are sure no config errors are present you can happily
restart your nameserver.
freebsd# /etc/rc.d/named restart
Now the zone files of the domain names which you have just configured on your FreeBSD-powered secondary DNS server should start being transferred from the DNS master server.
In order to check that, you can try to add some fictitious subdomain name to one of your master DNS zone files and change the version (serial number) of the file.
After the restart the changes should also end up on your secondary DNS server.
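
A way to confirm the transfer described above, as an added example that is not part of the original post: compare the SOA serial served by the master with the one served by the secondary. The function names and the sample dig output are constructed for illustration; 1.2.3.4 is the placeholder master address used throughout this post.

```shell
#!/bin/sh
# Added example (not from the original post): compare the SOA serial
# on the master with the one on the secondary.

# Constructed sample output of `dig +short SOA yourdomain.com @<server>`.
MASTER_SOA='ns1.yourdomain.com. hostmaster.yourdomain.com. 2010052402 3600 900 604800 86400'
SECONDARY_SOA='ns1.yourdomain.com. hostmaster.yourdomain.com. 2010052401 3600 900 604800 86400'

# Print the serial (3rd field) of a short-form SOA answer read from stdin.
# Fails when there is no answer, e.g. the query was refused by allow-query
# or the zone has not been transferred yet.
soa_serial() {
    awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; ok = 1; exit }
         END { if (!ok) exit 1 }'
}

# zone_sync_state MASTER_SERIAL SECONDARY_SERIAL
# Serials are 32-bit counters that may wrap, so compare them modulo 2^32
# (RFC 1982 serial arithmetic) instead of with a plain "greater than".
zone_sync_state() {
    diff=$(( ($1 - $2) & 4294967295 ))
    if [ "$diff" -eq 0 ]; then
        echo in-sync
    elif [ "$diff" -lt 2147483648 ]; then
        echo secondary-behind      # master is newer, transfer pending
    else
        echo secondary-ahead       # master serial went backwards
    fi
}

# check_zone MASTER_DIG_OUTPUT SECONDARY_DIG_OUTPUT
check_zone() {
    m=$(printf '%s\n' "$1" | soa_serial) || { echo no-master-soa; return 2; }
    s=$(printf '%s\n' "$2" | soa_serial) || { echo no-secondary-soa; return 2; }
    zone_sync_state "$m" "$s"
}

# Live use, run on the secondary itself (127.0.0.1 is inside the
# allow-query list from step 3):
#   check_zone "$(dig +short SOA yourdomain.com @1.2.3.4)" \
#              "$(dig +short SOA yourdomain.com @127.0.0.1)"
check_zone "$MASTER_SOA" "$SECONDARY_SOA"
```
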
Just to close the post I'll have to inform you that my Primary Master DNS server was BIND 9.5.1-P3, actually a newer release than the secondary one running on my FreeBSD; anyhow, this was not a problem at all.
The BIND 9.5.1-P3 was actually running on a Debian Lenny GNU/Linux.