YaST2 Breaking named With Include Directive

I’ve got three name servers (master, slave1, slave2) running OpenSUSE 11.1, with BIND 9.5.0-P2. They were set up to be authoritative for several domains and to also be the forwarders for my internal name servers (which are Windows 2003 domain controllers). This has worked fine up until last week.

I used YaST to make a change to a single A record in one of my domains on the master server, and suddenly that server became very unreliable for resolving external domain names. I then switched our internal name servers to forward to slave1 rather than master, and we were back in business.

Later, I added a new domain to master and slave1 using YaST, and slave1 suddenly had the same problem. I now have the internal name servers forwarding to our ISP’s name servers.

Digging through the /etc/named.conf files on slave1 and slave2 showed that slave1 had the line

include "/etc/named.d/forwarders.conf";

at the end of the Options section. slave2 does not have this line. When I edited named.conf and removed the line, then did a service named reload, slave1 started working with external names again.

So, looking at the /etc/named.d/forwarders.conf on slave1, I see this:


### /etc/named.d/forwarders.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
forwarders {
        10.0.0.20; // slave1's IP address
};

The only forwarder showing up on each server in YaST is the server itself.

In addition, /etc/resolv.conf looks like this:


### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search mydomain.com

So, is there something I should do with the forwarders.conf file to make this work, or is this a bug in YaST, or what? Thanks for any help and enlightenment.

  • Mark
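A check for the condition shown in the post above, where the generated forwarders block lists only the server's own address (an added example, not part of the original thread). The sample file is constructed from the quoted one; the function names and the `local_addrs` argument are assumptions of this sketch.

```python
import re

# Constructed sample mirroring the forwarders.conf quoted in the post.
SAMPLE_CONF = '''\
### /etc/named.d/forwarders.conf file autogenerated by netconfig!
# ... header comments ...
forwarders {
        10.0.0.20; // slave1's IP address
};
'''

def strip_comments(text):
    """Remove the comment styles BIND accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def parse_forwarders(text):
    """Return the addresses listed in every forwarders { ... } block."""
    addrs = []
    for body in re.findall(r"\bforwarders\s*\{([^}]*)\}", strip_comments(text)):
        for entry in body.split(";"):
            tokens = entry.split()
            if tokens:
                addrs.append(tokens[0])  # drop an optional "port N" suffix
    return addrs

def audit_forwarders(text, local_addrs):
    """Split forwarders into those pointing back at this host and the rest."""
    own = set(local_addrs) | {"127.0.0.1", "::1"}
    fwd = parse_forwarders(text)
    external = [a for a in fwd if a not in own]
    return {
        "self": [a for a in fwd if a in own],
        "external": external,
        # True when forwarders exist but none of them is another server
        "loop_only": bool(fwd) and not external,
    }

if __name__ == "__main__":
    # Assumption: local_addrs holds the addresses configured on the checked host.
    print(audit_forwarders(SAMPLE_CONF, ["10.0.0.20"]))
```

Running it against each file that named.conf includes, after any YaST or netconfig change, shows whether the forwarders list was rewritten to point at the host itself.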

A named master/slave relationship only handles the zone files. It doesn’t handle the named configuration files. If you change a file in /etc/named.d or /etc/named.conf itself, either manually or via YaST, you have to replicate the change to slaves as well and reload the slave named servers.

If it’s something that doesn’t change often, you might just make a note to do this after any edit to the basic config (not the zone files). For a site that I have with a couple of slaves, I used SVN to track changes and a script to automatically check out changes on slaves and reload the named server.

I am having the same problem. Did you ever find a solution?

I have a network behind NAT and use this server as a local ns handing out local IP addresses (192.168.x.x). So all the clients list it as their ns. If it is a request for an outside domain it just forwards the request to our ISP. This has worked great for years on a Windows machine, but the /etc/named.d/forwarders.conf file is shared with the eth0 name server settings. I want eth0’s name server to be itself or local host so it will ask the local name server. I can configure this myself via command line, but every time YaST comes anywhere near a network file it keeps adding the include /etc/named.d/forwarders.conf and overwriting my forwarders that were in named.conf. Then it breaks the whole thing as it can’t forward to an outside server. How can I keep YaST from doing this? If I set the eth0 to go straight to the ISP ns’s then the local machine can’t see any of our internal names and that doesn’t work either.