[dns-operations] Multi-master setups

Phil Pennock dnsop+phil at spodhuis.org
Mon May 20 17:22:01 UTC 2013


On 2013-05-20 at 13:52 -0300, Carlos M. Martinez wrote:
> rsync sounds like a fine solution, the problem imo, is what happens when
> something goes wrong, when a file transfer fails.
> 
> right now i'm thinking about not rsync'ing the zone files by each one,
> but rsync a tar file with all the zone files, so if it fails, it fails
> atomically (i know that this works for me, but others may prefer other
> failure modes)
> 
> as a crude verification mechanism i was planning on naming the tar file
> with the sha-256 hash of the tar file

You can rsync to a new directory, using --link-dest to reference the
existing content.  This way you only transfer the changes, but build up
an entirely new directory hierarchy, hard-linking in the unchanged files
from the serving area.

When you're ready, have done checksum checks and other
verification, you can switch the serving area over.  If you use a
symlink, then you can cut over atomically.

So you might have /var/dns/current where "current" is a symlink to a
directory named, say, "20130520T1720.$somepid"; you use --link-dest to
reference the existing current during sync; to be really cautious, you
pick some other recent dirs and --link-dest multiple times, so that if
you *do* have something go horribly wrong, the recovery still doesn't
have to do a lot of transfers but can recover quickly, using existing
content.

-Phil
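
The procedure described in the message above, sketched as a shell script. This is an added example, not part of the original post or of any poster's setup. The function names, the SHA256SUMS manifest shipped alongside the zone files, and the use of GNU `sha256sum` and `mv -T` are assumptions.

```shell
#!/bin/sh
# Added example: sync into a fresh directory, verify, then repoint "current".
# Assumed layout: BASE/current is a symlink to BASE/<timestamp>.<random>.
# Hypothetical usage: publish master.example:/var/dns/export /var/dns

# sync_release SRC BASE: build a new release directory, print its name.
sync_release() {
    src=$1; base=$2
    mkdir -p "$base" || return 1
    new=$(mktemp -d "$base/$(date -u +%Y%m%dT%H%M).XXXXXX") || return 1
    if [ -d "$base/current/" ]; then
        # Unchanged files are hard-linked from the serving area, not copied.
        # --link-dest must be absolute (or relative to the destination dir).
        rsync -a --link-dest="$(cd "$base/current" && pwd -P)" \
            "$src/" "$new/" || { rm -rf "$new"; return 1; }
    else
        rsync -a "$src/" "$new/" || { rm -rf "$new"; return 1; }
    fi
    basename "$new"
}

# verify_release DIR: every file listed in the manifest must match its hash.
# Other checks (zone syntax, serial numbers) would also go here.
verify_release() {
    ( cd "$1" && [ -f SHA256SUMS ] && sha256sum -c --quiet SHA256SUMS >&2 )
}

# cutover BASE NAME: create the new symlink under a temporary name and
# rename it over "current"; rename(2) replaces the old link in one step.
cutover() {
    base=$1; name=$2
    ln -sfn "$name" "$base/current.tmp.$$" || return 1
    mv -T "$base/current.tmp.$$" "$base/current"
}

# publish SRC BASE: the serving area changes only if verification passes.
publish() {
    rel=$(sync_release "$1" "$2") || return 1
    if verify_release "$2/$rel"; then
        cutover "$2" "$rel"
    else
        rm -rf "${2:?}/$rel"   # failed release is discarded, "current" untouched
        return 1
    fi
}
```

Old release directories are left in place, so a rollback is another `cutover` to an earlier name.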
