Why does a slave need zone files? Seems like the info comes from the master...
As in my log:
info: zone labhw.com read with success
[2017-05-15 09:09:00.248] nsd[21965]: info: zone labhw.com written to db
But the zone file on the slave did not change...
So it has a serial mismatch, and requires copying it by typing, or scp with password hassles.
Hi John,
It doesn't need it, but that is not the default.
If you set database: "" in nsd.conf, then no nsd.db is used, and the
contents are written to the zonefile. This is a good setting to use.
It uses less memory and less disk space, and the zonefile is kept up to
date.
If you really want no zonefile at all, and then it has to transfer the
zone every time, you can set zonefile: "" in the zone entry in nsd.conf.
Best regards, Wouter
Ah, yes. I see that is what I want to do.
When I make that setting, I see messages that say it has taken effect,
but the slave server's zone file has not changed. Is that delayed some time,
or do I have some debugging to do?
At the slave server log:
info: zone labhw.com serial 2017051503 is updated to 2017051504.
At the slave server:
$ cat labhw.com.zone
$ORIGIN labhw.com.
$INCLUDE /etc/nsd/TTL1.common
@ IN SOA ns1.cibolo.us. postmaster.labhw.com. (
2017051503 ; Serial
I found that the directory /etc/nsd was owned by root:root
and changed its owner/group to root:nsd and now files are written
That is no security risk is it?