Slave DNS Not Syncing After Server Migration

I recently did a server migration ( Migrating Server ) and everything went well. Thanks to the Virtualmin team and the folks who responded to my questions in that other thread.

The only issue now is that our slave DNS server (Virtualmin) is getting zones for the virtual servers on our primary Virtualmin server, however no DNS records in the zones (attachments).

Master DNS

master-dns1194×831 86.5 KB

Slave DNS

slave-dns1195×625 55.2 KB

Any suggestions are appreciated!

You dropped this right at the end of the other thread. I think I set this up with Webmin. I think that might be a problem.

@ID10T - Thank you for the reply and helping me here also.

This slave DNS server was a Virtualmin server previously (slaved to the old server and master DNS). It used to get updates from the old server. Since I was installing Debian 11 on the new server (master) I decided to wipe the old slave DNS server because it was running Debian 10 and (I think) PHP 7.3.

This slave DNS server really only runs our secondary DNS and is in a different datacenter and geo location than the master DNS server.

I’ve wiped this slave DNS server and started over and it still gets the zones from the master DNS server, but no records as shown in the above screenshots.

maybe it a permissions thing on master

I’ve noticed the same on a new setup, and this does not occur on older setups that are as far as I can tell identical.
My current workaround is to quickly reload bind on the slave after adding a new domain (systemctl reload named or using “Reload configuration” in Webmin), as you can see it attempts a transfer in the logs but the master is indicated as non-authoritive until after the reload.
Dunno why it happens and haven’t had the energy to properly look into it yet.

Following up on this, @jtomelevage could you see if you have the same behaviour as this post?

Because this is exactly what I am seeing on a freshly installed system from last week, while my others that were installed long ago and upgraded works flawlessly. Configuration is exactly the same and I verified that the fix mentioned by @Jamie and @Ilia is in place.
Any thoughts on what else might cause this now?

Edit: Apologies for slightly hijacking the thread in case OP is not seeing the same. Then I’ll open a new one.

@toreskev you might want to open a new ticket for your issue if it’s not exactly the same…

Yes, which is what I said in my post also, but let’s wait to see if OP confirms if he is seeing the same.

I will reply to myself again. Following the steps provided by the OP here resolved it for me:

@jtomelevage maybe this is the case for you as well?

@toreskev - Regarding your post reference:

I did that already, andf just as a precaution I did it again. I still get the zones transferred, but none of the zones from the master have records on the slave.

I don’t see how it can be a permissions thing if the zones from the master DNS server are being created on the slave DNS server.

Still open to suggestions.

That’s strange as it did the trick for me.

Permission issues on the slave then perhaps? With what ownership are they created in /var/lib/bind?

@toreskev - root:bind on both master and slave servers.

Please check zone options and notify slaves (on the master system) for a domain, e.g.:

image2430×702 94.7 KB

Your logs on the slave show anything?

On the slave.
tail -f /var/log/syslog

On the master. Increase the serial number on the serial number and apply the zone. Or just add a bogus record like test.example.com.

What is the output of the log on the slave?

@Ilia - I have the IP of the slave DNS server in the allow transfers from and also notify slaves:

master-zone-options1206×407 48.3 KB

@ID10T - I will make look at your suggestions this evening.

Try to set notify to Yes or explicit instead of leaving default.

This might be it then, as I have set mine to bind:bind since forever due to the behaviour mentioned here:
https://archive.virtualmin.com/node/30729

@Ilia -

Strange. I found that most Zone options pages were set to yes but about 10% were set to default. I changed them all to yes.

For my first tests I tried adding a test A record via bind on the master DNS server:
Webmin | Servers | Bind DNS Server | Selecting a Zone | Clicking “Address” (A records) | adding my test Name and server IP
This resulted in no records being generated or added to the slave DNS server - the modified Zone still had zero records.

For some reason I thought to try adding the test A record via (master DNS server):
Virtualmin | Choosing the domain from the dropdown | Server Configuration | DNS Records | Green “Create Record Of Type” button and adding my test name and IP address.
This resulted in a successful Zone transfer and all Zone records from the master DNS server. Now the zone had all the records on the slave DNS server as the master DNS server.
Next I deleted the test A record from the master DNS server and checked and the record was also deleted from the slave DNS server.

It was a long painful process, but I did this procedure for all virtual servers on the master DNS server and verified that each Zone was added to and deleted from correctly.

Lastly I added a completely new domain to the master DNS server ( Virtualmin | Create Virtual Server ).
This successfully added the domain, Zone and DNS records to the slave DNS server.
Deleting this new test Virtual Server was also successful.

So, this was resulting from a migration from one master DNS server to a brand new one (shiny). I do not understand why some virtual servers transferred with the slave zone option set to default and some to yes.

Regardless, all seems well now.

Thank you all for you patience and input helping me through this. Also kudos to the Virtualmin team for a really great product!

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.