I have configured BIND and ISC DHCPD to work together (using keys for updates). Now it's not that it does not work at all: forward maps etc. are most often added.

However, very often, for no apparent reason, the .jnl file (journal) for the zone is left there and the main zone file is not updated. This results in an infuriating lack of resolution of some hosts after DHCP lease acquire (if the host was not there in the zone file in the first place, or it leads to the old address).

Permissions look like this:

```
-rw-r--r--   1 bind bind  691 Dec 10 11:06 myzone.zone
-rw-r--r--   1 bind bind  765 Dec 10 12:17 myzone.zone.jnl
```

It should not be a permissions problem though, since the zone does (often) get updated via DHCP/DDNS?

What is the source of this problem and a fix for it?

OS: Debian 7.2 x64, stable release BIND and isc-dhcp server.

LetMeSOThat4U
    I don't understand, even if the change is only in the `jnl` file, it should always resolve correctly. Maybe your problem is somewhere else. – faker Dec 10 '13 at 13:16

2 Answers

With bind 9.9, "rndc sync" is not enough; you also need the "-clean" flag:

> `sync [-clean] [zone [class [view]]]`
>
> Sync changes in the journal file for a dynamic zone to the master file. If the "-clean" option is specified, the journal file is also removed. If no zone is specified, then all zones are synced.

Craig Leres

I've looked at this before.
Restarting named will flush updated data from .jnl files back to the zone file, but there's also another way.

`rndc freeze <zone>`, but this will disable DDNS, so it should be followed with a `rndc thaw <zone>` to re-enable it, and should clear up the .jnl files.

There's apparently a `rndc sync` in BIND 9.9.

Tom O'Connor
  • Thanks! It works, but am I limited to running rndc freeze/from cron? Although not very probable, at some point DDNS will hit a split second when update is not available bc of this. What then? I could stop DHCPD, do rndc freeze, rndc thaw and then start DHCPD but... – LetMeSOThat4U Dec 10 '13 at 13:00
  • Why not run freeze/thaw at a time when it's improbable that DHCPd will be handing out addresses? If they're for clients, then perhaps a time when everyone's asleep?.. OR.. tail the dhcp output log file, and don't freeze it if it's just received a DHCPREQUEST packet? – Tom O'Connor Dec 10 '13 at 13:50
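
The two approaches from the answers above combined into one cron-able script, as an added example that is not part of either answer: it uses `rndc sync -clean` when `named -v` reports BIND 9.9 or newer and otherwise falls back to freeze/thaw, always running thaw so dynamic updates are not left disabled. The function names and the `RNDC`/`NAMED` override variables are assumptions of this example.

```shell
#!/bin/sh
# Flush a dynamic zone's .jnl into its master file (added example).
# RNDC and NAMED are overridable (assumption of this example) so the
# logic can be exercised without a live name server.
RNDC="${RNDC:-rndc}"
NAMED="${NAMED:-named}"

# Succeeds when a "BIND x.y..." banner, as printed by `named -v`,
# is version 9.9 or newer, i.e. `rndc sync` is available.
supports_sync() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^BIND \([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    [ -n "$ver" ] || return 1          # unparseable banner: assume old BIND
    set -- $ver                        # $1 = major, $2 = minor
    [ "$1" -gt 9 ] || { [ "$1" -eq 9 ] && [ "$2" -ge 9 ]; }
}

flush_zone() {
    zone=$1
    banner=$("$NAMED" -v 2>/dev/null) || banner=
    if supports_sync "$banner"; then
        # 9.9+: write the journal to the master file and remove it;
        # dynamic updates stay enabled throughout.
        $RNDC sync -clean "$zone"
        return
    fi
    # Older BIND: freeze writes the journal out but suspends dynamic
    # updates, so thaw is attempted even when freeze reports an error.
    rc=0
    $RNDC freeze "$zone" || rc=$?
    $RNDC thaw "$zone" || rc=$?
    return "$rc"
}

# Run as: flush-zone.sh myzone   (does nothing when no zone is given)
if [ -n "${1:-}" ]; then
    flush_zone "$1"
fi
```

A non-zero exit status means one of the rndc calls failed, which a cron wrapper can use to raise an alert instead of silently leaving a stale zone file.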