Fwd: Re: [opensuse] Split DNS? Solved
On 1/1/2011 7:41 PM, John Andersen wrote:
On 12/31/2010 4:52 PM, Marc Chamberlin wrote:
3. Last, be careful of using rcnamed when restarting the server. It can and will delete files and directories in the /var/lib/named area without doing any kind of backup first. That is poor programming on someone's part also and breaks a fundamental rule of good computer science - NEVER delete or change user data without backing it up first and making sure you have a good backed up copy before making such changes, or deleting it!!!...
It's supposed to do that.
The files you configure do not live in that directory. If you were making changes down in /var/lib you were in the wrong place.
John - I am going to disagree with you and this is what I am trying to point out.... Some of the files under /var/lib/named do get copied over from /etc and SOME DO NOT. For example the actual files containing DNS records do NOT get copied over and therefore MUST be edited directly under /var/lib/named/... As a user, trying to grok what is the model behind the file system is not easy, nor can I find it well documented.
Nevertheless, I will continue to argue that a more robust design would compare time stamps on files to be copied over, and before any files designated to be copied, the script should first back up the target files. That is a far more friendly design and far safer form of a programming practice. (you don't have to back up to an infinite depth either, limit it to say 10 levels or whatever....)
The overall design of the file system supporting the bind/named DNS server is really poorly thought out. Not only did I get confused and lost time and data trying to figure it out, but I will further argue that I do NOT understand why all servers cannot be architected in such a way so that ALL of their files can be found under a single "root" directory. And to me there is a real logical location - /srv/named that should hold ALL the files for the DNS server. (as well as all other servers such as /srv/tomcat6 /srv/ftp /srv/samba /srv/dhcp /srv/mysql etc etc....) Why do all these files need to be scattered all over the place? If necessary use links to "put" files in other places, but for heaven's sake make it easy to FIND ALL of them under a single dir!!! It would also make it a lot easier when migrating from one version of SuSE to the next, I could just put /srv in its own partition and mount it then... (and yes I might have to do some reconfiguring, but at least I would have a good starting point and KNOW where everything is located...)
Marc Chamberlin...
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Marc Chamberlin wrote:
On 1/1/2011 7:41 PM, John Andersen wrote:
On 12/31/2010 4:52 PM, Marc Chamberlin wrote:
3. Last, be careful of using rcnamed when restarting the server. It can and will delete files and directories in the /var/lib/named area without doing any kind of backup first. That is poor programming on someone's part also and breaks a fundamental rule of good computer science - NEVER delete or change user data without backing it up first and making sure you have a good backed up copy before making such changes, or deleting it!!!...
It's supposed to do that.
The files you configure do not live in that directory. If you were making changes down in /var/lib you were in the wrong place.
John - I am going to disagree with you and this is what I am trying to point out.... Some of the files under /var/lib/named do get copied over from /etc and SOME DO NOT. For example the actual files containing DNS records do NOT get copied over and therefore MUST be edited directly under /var/lib/named/... As a user, trying to grok what is the model behind the file system is not easy, nor can I find it well documented.
Nevertheless, I will continue to argue that a more robust design would compare time stamps on files to be copied over, and before any files designated to be copied, the script should first back up the target files. That is a far more friendly design and far safer form of a programming practice. (you don't have to back up to an infinite depth either, limit it to say 10 levels or whatever....)
AFAIK, the copying over of config files from /etc/named* is to create the chroot jail for named - there should be no reason for checking timestamps etc, the jail must contain an exact copy of the configuration.
The overall design of the file system supporting the bind/named DNS server is really poorly thought out. Not only did I get confused and lost time and data trying to figure it out, but I will further argue that I do NOT understand why all servers cannot be architected in such a way so that ALL of their files can be found under a single "root" directory. And to me there is a real logical location - /srv/named that should hold ALL the files for the DNS server. (as well as all other servers such as /srv/tomcat6 /srv/ftp /srv/samba /srv/dhcp /srv/mysql etc etc....)
All services COULD be re-configured that way, that is not a problem. You're also free to reconfigure your own setup as you wish. However, the default filesystem setup usually comes with the application itself, and changing it too much might not be easy/optimal (depends on how flexible the application is).
/Per
--
Per Jessen, Zürich (0.8°C)
On 1/2/2011 9:29 PM, Marc Chamberlin wrote:
On 1/1/2011 7:41 PM, John Andersen wrote:
from /etc and SOME DO NOT. For example the actual files containing DNS records do NOT get copied over and therefore MUST be edited directly under /var/lib/named/...
Please be specific. Which files do not get copied? I'm not trying to argue, just trying to understand the problem.
--
---This space for rent---
On 1/3/2011 1:58 PM, John Andersen wrote:
On 1/2/2011 9:29 PM, Marc Chamberlin wrote:
On 1/1/2011 7:41 PM, John Andersen wrote:
from /etc and SOME DO NOT. For example the actual files containing DNS records do NOT get copied over and therefore MUST be edited directly under /var/lib/named/...
Please be specific. Which files do not get copied?
I'm not trying to argue, just trying to understand the problem.
John - I think I answered this in my reply to Lars. It may be due, in part, to my not understanding the file system model, but read my response to Lars and let me know if that helps..
Marc...
* Marc Chamberlin (marc@marcchamberlin.com) [20110103 06:29]:
As a user, trying to grok what is the model behind the file system is not easy, nor can I find it well documented.
FUD! At the top of /etc/sysconfig/named you'll find
# Each time you start one of the daemons with the init script,
# /etc/named.conf, /etc/named.conf.include, /etc/rndc.key, and all files
# listed in NAMED_CONF_INCLUDE_FILES will be copied relative to
# /var/lib/named/.
What is so hard to understand here?
Philipp
On 1/4/2011 3:03 AM, Philipp Thomas wrote:
* Marc Chamberlin (marc@marcchamberlin.com) [20110103 06:29]:
As a user, trying to grok what is the model behind the file system is not easy, nor can I find it well documented.
FUD! At the top of /etc/sysconfig/named you'll find
# Each time you start one of the daemons with the init script,
# /etc/named.conf, /etc/named.conf.include, /etc/rndc.key, and all files
# listed in NAMED_CONF_INCLUDE_FILES will be copied relative to
# /var/lib/named/.
What is so hard to understand here?
Philipp
Philipp - Using the NAMED_CONF_INCLUDE_FILES specification forces all copies to be made from /etc/named.d which may be fine for a flat named declaration without views. But how do I specify that I want separate include files, using NAMED_CONF_INCLUDE_FILES for EACH view I define? Remember, I am TRYING to use include files to specify part of a view declaration, NOT just adding in a set of zone statements.
I tried to fool around with this, for example -
NAMED_CONF_INCLUDE_FILES="internal/test.conf"
and created /etc/named.d/internal/test.conf
but that failed to copy test.com over to /var/lib/named/internal/slave/test.com as I had thought it might. I even created the intermediate directories under /var/lib - internal / slave but to no joy. Instead I found these files copied over to /var/lib/named/ETC/NAMED.D/INTERNAL/TEST.CONF and this is NOT a copy relative to /var/lib/named as implied in the comments.
And EVEN IF this had worked, I suspect that I would have had to put my test.com file in two places in order to use a relative include within my views, both at /etc/named.d/internal/slave/test.com and at /etc/internal/slave/test.com because I still DON'T know how I would specify the include statement for the view so that it would pick up the test.conf file from /var/lib/named/etc/named.d/internal/test.conf without confusing the rcnamed script when it tries to also copy any files specified via an include statement.
There isn't a real example of using include files from /etc/named.d to model after, and since I couldn't figure it out, I took a look at how things were being done in /var/lib/named. I found /var/lib/named/master and /var/lib/named/slave defined for a system without views, but since I want to use views, I thought the model should be to set up the following -
/var/lib/named/internal - and put my view's .conf file here
/var/lib/named/external - "
/var/lib/named/internal/master - and put my view's associated record files here.
/var/lib/named/internal/slave - "
/var/lib/named/external/master - "
/var/lib/named/external/slave - "
Having no real world model/example to work with, I am having to infer/guess how to organize files for multiple views. Hence my complaint, I DON'T understand how to use the built-in include mechanisms in such a way as to apply them intuitively to views. I have managed to figure out a way, but it certainly was NOT intuitive or obvious.
Marc
Marc Chamberlin wrote:
On 1/4/2011 3:03 AM, Philipp Thomas wrote:
* Marc Chamberlin (marc@marcchamberlin.com) [20110103 06:29]:
As a user, trying to grok what is the model behind the file system is not easy, nor can I find it well documented.
FUD! At the top of /etc/sysconfig/named you'll find
# Each time you start one of the daemons with the init script,
# /etc/named.conf, /etc/named.conf.include, /etc/rndc.key, and all
# files listed in NAMED_CONF_INCLUDE_FILES will be copied relative to
# /var/lib/named/.
What is so hard to understand here?
Philipp
Philipp - Using the NAMED_CONF_INCLUDE_FILES specification forces all copies to be made from /etc/named.d which may be fine for a flat named declaration without views. But how do I specify that I want separate include files, using NAMED_CONF_INCLUDE_FILES for EACH view I define?
Just name them all, separated by blanks. I also run multiple views and that's how I do it.
Remember, I am TRYING to use include files to specify part of a view declaration, NOT just adding in a set of zone statements.
Yes, that is understood. It really works fine.
I tried to fool around with this, for example -
NAMED_CONF_INCLUDE_FILES="internal/test.conf"
and created /etc/named.d/internal/test.conf
but that failed to copy test.com over to /var/lib/named/internal/slave/test.com as I had thought it might.
No, the copying over of files is ONLY for config/include files, zone files are never touched.
Instead I found these files copied over to /var/lib/named/ETC/NAMED.D/INTERNAL/TEST.CONF and this is NOT a copy relative to /var/lib/named as implied in the comments.
Maybe the comments are wrong, but the copy is done correctly.
And EVEN IF this had worked, I suspect that I would have had to put my test.com file in two places in order to use a relative include within my views, both at /etc/named.d/internal/slave/test.com
What is that file - a zone file or a config file?
and at /etc/internal/slave/test.com because I still DON'T know how I would specify the include statement for the view so that it would pick up the test.conf file from /var/lib/named/etc/named.d/internal/test.conf without confusing the rcnamed script when it tries to also copy any files specified via an include statement.
Just like normal - "include internal/test.conf".
There isn't a real example of using include files from /etc/named.d to model after, and since I couldn't figure it out, I took a look at how things were being done in /var/lib/named. I found /var/lib/named/master and /var/lib/named/slave defined for a system without views,
The zone files don't know about views, only the named config.
Having no real world model/example to work with, I am having to infer/guess how to organize files for multiple views.
There is nothing to organize, Marc. You define your views in the named config files, either as one or as multiple files. Your views contain the zones as per your desires, and identify which zone files to use. That's it. End of story.
--
Per Jessen, Zürich (-0.9°C)
Per Jessen wrote:
There isn't a real example of using include files from /etc/named.d to model after, and since I couldn't figure it out, I took a look at how things were being done in /var/lib/named. I found /var/lib/named/master and /var/lib/named/slave defined for a system without views,
The zone files don't know about views, only the named config.
That should have been: The zone files don't know about views, only the named config knows about views.
--
Per Jessen, Zürich (-0.8°C)
Marc Chamberlin wrote:
Having no real world model/example to work with, I am having to infer/guess how to organize files for multiple views. Hence my complaint, I DON'T understand how to use the built-in include mechanisms in such a way as to apply them intuitively to views.
Here's a rough outline of what I use:
/etc/named.conf - primary config, includes from named.d/
/etc/named.d/view1.conf
view "number1" { conditions, zone definitions };
/etc/named.d/view2.conf
view "number2" { conditions, zone definitions };
/etc/sysconfig/named:
NAMED_CONF_INCLUDE_FILES="view1.conf view2.conf"
--
Per Jessen, Zürich (-0.9°C)
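The outline above, filled in as an added example (constructed here; not Per's actual files and not part of the original thread). The ACL, the networks, the zone name, the include paths and the zone file paths are all assumptions chosen for illustration.

```conf
# --- /etc/named.conf (excerpt) ---
# Constructed internal network; replace with your own.
acl "lan" { 127.0.0.1; 192.168.1.0/24; };

# Once any view is defined, BIND requires every zone to be inside a view.
# Views are tried in order and the first match wins, so the restricted
# view is included before the catch-all one.
# Assumed path: the init script's copy lands under /var/lib/named/etc/named.d/,
# which is /etc/named.d/ as seen from inside the chroot jail.
include "/etc/named.d/view1.conf";
include "/etc/named.d/view2.conf";

# --- /etc/named.d/view1.conf ---
view "number1" {
    match-clients { "lan"; };          # the "conditions"
    recursion yes;                     # resolve for internal clients only
    zone "example.com" {               # the "zone definitions"
        type master;
        # Relative to options { directory }, assumed to be /var/lib/named.
        # Zone files are edited there directly; the init script copies
        # config and include files only.
        file "master/internal/example.com";
    };
};

# --- /etc/named.d/view2.conf ---
view "number2" {
    match-clients { any; };            # everyone not matched above
    recursion no;                      # authoritative answers only
    zone "example.com" {
        type master;
        file "master/external/example.com";   # separate file per view
    };
};

# --- /etc/sysconfig/named ---
# Names are relative to /etc/named.d/, separated by blanks.
NAMED_CONF_INCLUDE_FILES="view1.conf view2.conf"
```

The same zone name appears in both views with a different zone file behind it, which is what makes the setup split DNS: the view is chosen by the named config, while the zone files themselves carry no view information.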
participants (4): John Andersen, Marc Chamberlin, Per Jessen, Philipp Thomas