Freezing zone files to allow manual update to ZoneRunner-managed zone files – F5 Networks

Topic

You should consider using this procedure under the following condition:

  • You need to stop dynamic updates to zone files while manually editing files managed by the ZoneRunner utility.Important: F5 recommends using the ZoneRunner utility to manage the DNS/BIND file rather than manually editing the file. If you are required to manually edit the zone files, you must freeze the zone files to avoid issues with name resolution and dynamic updates.

Description

The ZoneRunner utility uses dynamic update to make zone changes. All changes made to a zone using dynamic update are written to the zone’s journal file. When the BIG-IP DNS system restarts after a shutdown, the system replays the journal file to incorporate any updates that took place after the last zone file update into the zone. Dynamic update periodically flushes the complete contents of the updated zone to its zone file and automatically deletes the journal file. However, if manual updates to a zone are required, the zone files must be frozen to prevent dynamic updates from occurring and overwriting changes to the zone file.

Prerequisites

You must meet the following prerequisite to use this procedure:

  • You must have administrative access to the command line on your BIG-IP GTM system.

Procedures

The following procedures describe how to stop the ZoneRunner utility and freeze an individual zone or all zones. While the zones are frozen, dynamic updates cannot occur, but normal name resolution is allowed. To freeze a single or all zones, perform either of the following procedures:

Freezing a single zone file to allow a manual update to a single zone managed by the ZoneRunner utility

Important: To prevent the journal files from being synchronized if the BIG-IP DNS system is configured to synchronize DNS zone files, the zone must be frozen on all BIG-IP DNS systems.

Impact of procedure: No dynamic updates to the frozen zone can occur during this procedure.

  1. Log in to the BIG-IP DNS command line.
  2. Select the directory that contains the zone files by typing the following command:cd /var/named/config/namedb
  3. Back up the zone file that you want to edit by using the following command syntax:cp <zone_filename> <zone_filename>.original
  4. Stop the ZoneRunner utility by typing the following command:bigstart stop zrd
  5. Freeze the zone you want to edit by using the following command syntax:Note: Replace <zone name> with the name of the zone you want to freeze to allow manual editing. The <class> section is always IN for Internet. Replace <view> with the view type. For common configurations, the <view> section is external; for complex configurations, check the zone file for the type of view associated with it.

    Note: While frozen, dynamic updates are not available but name resolution is still allowed.

    rndc freeze <zone name> <class> <view>

    For example:

    rndc freeze askf5.net in external

  6. Make the manual zone changes you want.Important: You should have subject matter knowledge on zone file formats to manually edit zone files. Zone files updated with an incorrect zone file format may cause the ZoneRunner utility and/or the named process to fail to function properly.
  7. Run the named-checkzone command to check the file for any syntax errors by using the following command syntax:named-checkzone <zone> <filename>

    Note: If you are not in the same directory as the file, you must provide the full path of the file.

    For example, using the previous example, you would type the following command:

    named-checkzone askf5.net db.external.askf5.net

    If the system reports any errors, you must correct them before you proceed.

  8. In BIG-IP 11.5.0 and later, sync the changes in the journal file to the master file, and remove the journal file by typing the following command:Note: In versions prior to BIG-IP 11.5.0 you can skip to step 9.

    rndc sync -clean

  9. Thaw or unfreeze the zone by using the following command syntax:rndc thaw <zone name> <class> <view>

    For example, using the previous example, you would type the following command:

    rndc thaw askf5.net in external

    This command allows the changes to be reloaded and the zone to participate in dynamic updates.

  10. Restart the ZoneRunner utility by typing the following command:bigstart start zrd
  11. If your BIG-IP DNS system is in a sync group and you have the Synchronize DNS Zone Files option enabled, run the following command to synchronize the changes:

    touch /var/named/config/named.conf

Freezing all zone files to allow a manual update to multiple or all zones managed by the ZoneRunner utility

Important: To prevent the journal files from being synchronized if the BIG-IP DNS system is configured to synchronize DNS zone files, the zone must be frozen on all BIG-IP DNS systems.

Impact of procedure: No dynamic updates to all frozen zones can occur during this procedure.

  1. Log in to the BIG-IP DNS command line.
  2. Select the directory that contains the zone files by typing the following command:cd /var/named/config/namedb
  3. Back up the zone files that you want to edit by using the following command syntax:cp <zone_filename> <zone_filename>.original
  4. Stop the ZoneRunner utility by typing the following command:bigstart stop zrd
  5. Freeze all zones to stop dynamic updates by typing the following command:Note: While frozen, dynamic updates are not available but name resolution is still allowed.

    rndc freeze

    Note: When the zone files are frozen, the associated .jnl journal files are automatically removed.

  6. Make the manual zone changes you want.Important: You should have subject matter knowledge on zone file formats to manually edit zone files. Zone files updated with an incorrect zone file format may cause the ZoneRunner utility and/or the named process to fail to function properly.
  7. Run the named-checkzone command to check the file for any syntax errors by using the following command syntax:named-checkzone <zone> <filename>

    Note: If you are not in the same directory as the file, you must provide the full path of the file.

    For example, using the previous example, you would type the following command:

    named-checkzone askf5.net db.external.askf5.net

    If the system reports any errors, you must correct them before you proceed.

  8. In BIG-IP 11.5.0 and later, sync the changes in the journal file to the master file, and remove the journal file by typing the following command:Note: In versions prior to BIG-IP 11.5.0, you can skip to step 9.

    rndc sync -clean

  9. Thaw or unfreeze the zones by typing the following command:rndc thaw

    This command allows the changes to be reloaded and the zones to participate in dynamic updates.

  10. Restart the ZoneRunner utility by typing the following command:bigstart start zrd
  11. If your BIG-IP DNS system is in a sync group configuration and you have the Synchronize DNS Zone Files option enabled, run the following command to sync the changes:

    touch /var/named/config/named.conf

Was this article helpful?

Yes No

Related Articles

Leave A Comment?