Hi Frank,
yes, we need to clarify some misunderstandings.
First of all, generating/updating the catalog zone according to the primary
server configuration (that means: you change configuration e.g. by
'knotc conf-set', and the catalog zone would be updated automatically)
is not implemented yet in Knot DNS 3.0. This will be
'catalog-role:generate' in some of the future versions. For now, you can
only create and update the catalog zone by yourself, probably by similar
means as you are used to creating/updating the primary server's
configuration file.
I can see that you, at the primary server, configured the zone
dom-siew9tho.invalid. by both configuration file and catalog zone,
creating a conflict. Probably Knot warned you about this in the log.
The expected usage of the current implementation of catalog zones is that
you put the list of member zones only in the catalog zone, and do not
mention them in either the primary's or the secondary's configuration file.
Both servers will interpret the same catalog zone. Just configure the
templates carefully, so that the primary will be a "master" for the
member zones, and the secondary a "slave".
I hope I made it somewhat clearer,
With kind regards,
Libor
On 01.10.20 at 10:53, Frank Matthieß wrote:
Hello all,
I am stuck a little bit with the configuration of the new catalog zone feature in
Knot DNS 3.0.0.
The catalog zone replication is running quite well, but bootstrapping this
feature to replicate the config for zones won't work for me.
The zone name of the catalog zone is "zone.catalog".
The primary name server uses this config:
# Configuration export (Knot DNS 3.0.0)
zone:
  - domain: "zone.catalog."
    file: "%s"
    notify: [ "ns1.frank.REDACTED.DOM", "ns2.frank.REDACTED.DOM" ]
    acl: [ "ns1.frank.REDACTED.DOM", "ns2.frank.REDACTED.DOM" ]
    catalog-role: "interpret"
    catalog-template: "catalog-zone-template"
  - domain: "dom-siew9tho.invalid."
The zone has this content:
[zone.catalog.] zone.catalog. 60 NS nshp.frank.REDACTED.DOM.
[zone.catalog.] zone.catalog. 60 SOA nshp.frank.REDACTED.DOM. hostmaster.REDACTED.DOM. 1601540072 16384 2048 1048576 2560
[zone.catalog.] id-ies3eidiev4ooquahgoh.zone.catalog. 0 PTR dom-siew9tho.invalid.
[zone.catalog.] version.zone.catalog. 0 TXT "2"
Adding the following config to the primary works:
conf-begin
conf-set zone.domain "dom-siew9tho.invalid."
conf-commit
zone-begin dom-siew9tho.invalid.
zone-set dom-siew9tho.invalid. @ 60 SOA nshp.frank.REDACTED.DOM. hostmaster.REDACTED.DOM. 1 16384 2048 1048576 2560
zone-set dom-siew9tho.invalid. @ 60 NS nshp.REDACTED.DOM.
zone-commit dom-siew9tho.invalid.
Querying one of the secondaries (ns1) gives me:
error: (no such zone found)
[dom-siew9tho.invalid.]
The config of ns1:
# Configuration export (Knot DNS 3.0.0)
template:
  - id: "catalog-zone-template"
    storage: "/var/lib/knot/zones"
    file: "%s"
    semantic-checks: "on"
    dnssec-signing: "off"
    serial-policy: "unixtime"
    kasp-db: "/var/lib/knot/kasp-db"
zone:
  - domain: "zone.catalog."
    file: "%s"
    master: "nshp.frank.REDACTED.DOM"
    acl: "nshp.frank.REDACTED.DOM"
    catalog-role: "interpret"
    catalog-template: "catalog-zone-template"
I'm sure I miss one or more parts and/or I have a serious misunderstanding of
the bootstrapping setup for this feature.
- frank
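
The conflict described in the reply (a member zone listed both in the configuration file and in the catalog zone) can be checked for before reloading a server. The following is an added example, not part of the original thread and not Knot DNS code; it assumes an indented configuration export and a zone dump in the line format quoted above, and the sample data and function names are constructed for illustration.

```python
import re

# Constructed sample input, modelled on the primary's config and zone dump in the thread.
SAMPLE_CONF = '''\
zone:
  - domain: "zone.catalog."
    catalog-role: "interpret"
    catalog-template: "catalog-zone-template"
  - domain: "dom-siew9tho.invalid."
'''
SAMPLE_CATALOG = '''\
[zone.catalog.] id-ies3eidiev4ooquahgoh.zone.catalog. 0 PTR dom-siew9tho.invalid.
[zone.catalog.] id-constructed0001.zone.catalog. 0 PTR other.invalid.
[zone.catalog.] version.zone.catalog. 0 TXT "2"
'''

def norm(name):
    """Strip quotes, lower-case, and make the domain name fully qualified."""
    name = name.strip().strip('"').lower()
    return name if name.endswith(".") else name + "."

def configured_zones(conf_text):
    """Map each zone in the indented 'zone:' section to True if it interprets a catalog."""
    zones, section, current = {}, None, None
    for line in conf_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():              # top-level key: "zone:", "template:", ...
            section, current = line.split(":")[0].strip(), None
            continue
        m = re.match(r'\s*-?\s*([\w-]+):\s*(.*)$', line)
        if section != "zone" or not m:
            continue
        key, value = m.group(1), m.group(2).strip().strip('"')
        if key == "domain":
            current = norm(value)
            zones[current] = False
        elif key == "catalog-role" and current and value == "interpret":
            zones[current] = True
    return zones

def catalog_members(zone_dump, catalog):
    """Targets of PTR records owned by names below the catalog zone apex."""
    members = set()
    for line in zone_dump.splitlines():
        fields = [f for f in line.split() if not f.startswith("[")]  # drop "[zone.]" prefix
        if (len(fields) >= 4 and fields[2].upper() == "PTR"
                and norm(fields[0]).endswith("." + norm(catalog))):
            members.add(norm(fields[3]))
    return members

def conflicts(conf_text, zone_dump, catalog):
    """Member zones that are also listed explicitly in the configuration file."""
    static = {z for z, interprets in configured_zones(conf_text).items() if not interprets}
    return sorted(static & catalog_members(zone_dump, catalog))
```

Calling `conflicts(SAMPLE_CONF, SAMPLE_CATALOG, "zone.catalog.")` reports `dom-siew9tho.invalid.`, the zone that should be removed from the configuration file and left to the catalog.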