Discussion:
Regarding zone trf from master to slave
(too old to reply)
Gaurav Kansal
2014-03-06 07:37:46 UTC
Permalink
Dear Team,



We are running slave services for our customers.

We want to have log of what entries has been changed in the master (which is
causing this zone transfer) at the time of zone transfer.



I want to know whether it is possible to have some sort of log generation
(either by using query channels or by any other means) which we can save for
future reference purposes.





Thanks and Regards,

Gaurav Kansal
Tony Finch
2014-03-05 19:05:56 UTC
Permalink
Post by Gaurav Kansal
We are running slave services for our customers.
We want to have log of what entries has been changed in the master (which is
causing this zone transfer) at the time of zone transfer.
I want to know whether it is possible to have some sort of log generation
(either by using query channels or by any other means) which we can save for
future reference purposes.
Are the zone journal files on the slaves useful for solving your problem?

e.g. my nameserver logs

05-Mar-2014 09:36:19.992 general: info: zone cam.ac.uk/IN/auth: transferred serial 1394009951
05-Mar-2014 09:36:19.992 xfer-in: info: transfer of 'cam.ac.uk/IN/auth' from 2001:630:212:8::d:a0#53: Transfer completed: 16 messages, 5572 records, 935172 bytes, 0.118 secs (7925186 bytes/sec)
[...]
05-Mar-2014 15:54:30.008 general: info: zone cam.ac.uk/IN/auth: transferred serial 1394024357
05-Mar-2014 15:54:30.008 xfer-in: info: transfer of 'cam.ac.uk/IN/auth' from 2001:630:212:8::d:a0#53: Transfer completed: 1 messages, 266 records, 34454 bytes, 0.009 secs (3828222 bytes/sec)

If I run named-journalprint I can work out the contents the second IXFR
based on the SOA serial numbers, starting with the line deleting the SOA
with previously transferred serial, and ending with the last contiguous
add line after the SOA with the current serial.

Tony.
--
f.anthony.n.finch <***@dotat.at> http://dotat.at/
Fisher, German Bight: South or southwest 3 or 4, increasing 5 or 6. Slight
becoming moderate. Fog patches in east, rain later. Moderate, occasionally
very poor in east.
Graham Clinch
2014-03-05 19:23:37 UTC
Permalink
Hi,
Post by Gaurav Kansal
We want to have log of what entries has been changed in the master
(which is causing this zone transfer) at the time of zone transfer.
Two options come to mind:

1) Log the output of 'dig -t ixfr=2014030501 example.org' occasionally,
updating the serial to query for changes since the last run. If the
master doesn't provide IXFR, you could enable 'ixfr-from-differences' on
a slave and then query the slave.

2) If your slave has access to a zone journal (because the master
supports IXFRs or you have 'ixfr-from-differences' enabled), log the
output of 'named-journalprint example.org.jnl'

Graham

Loading...