Problems with ACLs in BIND 8.2.3? What am I doing wrong?
Mark.Andrews at nominum.com
Thu May 24 00:17:12 UTC 2001
Much more simple than that. ACLs are not permitted in
address lists.
also-notify { "externaldns" };
Mark
>
> I don't think there's supposed to be "" around the acl name.
>
> On 23 May 2001, at 21:28, Eivind Olsen wrote:
>
> >
> > Hello.
> >
> > I recently started re-configuring a DNS-server (well, more than one
> > really). The setup is one backend DNS-server (the real master) feeding
> > a few frontend DNS-servers. There are a few places in the named.conf
> > file where I need to refer to the frontend-servers so I thought ACLs
> > were the way to go, but I can't get it to work. It is probably me
> > doing something wrong, but I can't see what it is. Hopefully someone
> > else can. ;)
> >
> > The problem is somewhere on the backend-server which is currently
> > running BIND 8.2.3-REL (yes, there are plans to upgrade it - some time
> > in the future).
> >
> > When I start the DNS with this, this is what I get in the log:
> >
> > May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.notice] starting (/var/dns/PSNLbind8/external/external.conf). named 8.2.3-REL Thu Feb 1 21:05:18 MET 2001
> > May 23 14:54:59 dns01 paulz at seldoff:/home/paulz/src/sol26/bind-8.2.3/src/bin/named
> > May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:50: syntax error near "externaldns"
> > May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:51: syntax error near '}'
> > May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:59: syntax error near "externaldns"
> > May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:60: syntax error near '}'
> > May 23 14:54:59 dns01 named[23571]: [ID 295310 daemon.notice] Ready to answer queries.
> >
> > Here is a copy of the named.conf file (or, external.conf in this
> > case):
> >
> > -START-
> > // This is a configuration file for named (from BIND 8.1 or later).
> > // It would normally be installed as /etc/named.conf.
> >
> > acl "internaldns" {
> > 10.1.1.10; 10.1.1.11;
> > };
> >
> > acl "externaldns" {
> > 10.1.2.10; 10.1.2.11;
> > };
> >
> > options {
> > directory "/var/dns/PSNLbind8/external";
> > dump-file "external_dump.db";
> > pid-file "external_named.pid";
> > check-names master warn; /* default. */
> > datasize 20M;
> > recursion no;
> > fetch-glue no;
> > listen-on { 10.1.2.1; };
> > version "secret";
> > };
> >
> > controls {
> > unix "/var/run/PSNLbind8/ndc.d/external.ndc" perm 0770 owner 210 group 40 ;
> > };
> >
> > zone "localhost" IN {
> > type master;
> > file "localhost.zone";
> > check-names fail;
> > allow-update { none; };
> > allow-transfer { none; };
> > };
> >
> > zone "0.0.127.in-addr.arpa" IN {
> > type master;
> > file "127.0.0.zone";
> > check-names fail;
> > allow-update { none; };
> > allow-transfer { none; };
> > };
> >
> > zone "example.com" IN {
> > type master;
> > file "example.external.zone";
> > check-names fail;
> > allow-update { none; };
> > allow-transfer { "externaldns" };
> > also-notify { "externaldns" };
> > };
> >
> > zone "232.70.10.in-addr.arpa" in {
> > type master;
> > file "217.70.10.zone";
> > check-names fail;
> > allow-update { none; };
> > allow-transfer { "externaldns" };
> > also-notify { "externaldns" };
> > };
> > -STOP-
> >
> >
> > --
> > Talk To You Later
> > Eivind Olsen
> >
> >
> >
>
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
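
An added example, not part of the original thread and not BIND code: a small Python check that finds `also-notify` entries that are not IP addresses and, where the entry names an `acl` defined in the same file, returns that ACL's addresses so they can be written out explicitly. The sample configuration is constructed from the one quoted above, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample modelled on the configuration quoted in the thread.
SAMPLE_CONF = '''\
acl "externaldns" {
    10.1.2.10; 10.1.2.11;
};
zone "example.com" IN {
    type master;                         // backend master
    allow-transfer { "externaldns"; };   // address match list: ACL name accepted
    also-notify { "externaldns" };       // address list: ACL name rejected
};
'''

# Simplification: comment markers inside quoted strings are not handled.
COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
BLOCK = re.compile(r'\b(acl\s+"?([\w.-]+)"?|also-notify)\s*\{([^{}]*)\}')

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def entries(body):
    """Split the inside of a { ... } list into bare tokens."""
    return [e.strip('"') for e in re.split(r'[;\s]+', body) if e]

def check_also_notify(conf_text):
    """Return (line, entry, acl_addresses) for every non-IP also-notify entry."""
    # Blank out comments but keep newlines so reported line numbers stay correct.
    text = COMMENTS.sub(lambda m: re.sub(r'[^\n]', ' ', m.group()), conf_text)
    blocks = list(BLOCK.finditer(text))
    acls = {m.group(2): entries(m.group(3)) for m in blocks if m.group(2)}
    findings = []
    for m in blocks:
        if m.group(2):          # an acl definition, not an also-notify statement
            continue
        line = text.count('\n', 0, m.start()) + 1
        findings += [(line, e, acls.get(e, []))
                     for e in entries(m.group(3)) if not is_ip(e)]
    return findings

if __name__ == '__main__':
    for line, name, addrs in check_also_notify(SAMPLE_CONF):
        fix = '; '.join(addrs) + ';' if addrs else '<explicit IP addresses>'
        print(f'line {line}: also-notify entry "{name}" is not an IP address; use {{ {fix} }}')
```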