Allowing zone xfer to slave server
Ryan McCain
Ryan.McCain at dss.state.la.us
Fri Aug 31 16:22:04 UTC 2007
Actually dss-dr93la06-s1 resolves to 10.120.11.83 which was a secondary IP address which isnt in use anymore. dss-dr93la06-s1 resolves to a secondary IP address which doesn't exist anymore. My brain is fried and I should have removed them. I am doing that now.
the dss.la.gov zone file is below. Noticed I added NS dns-ext2. dns-ext2.dss.state.la.us is an A record in the external dss.state.la.us zone that points to 172.20.11.118
$ORIGIN .
$TTL 3600 ; 1 hour
dss.la.gov IN SOA dssns.dss.la.gov. admin. (
53 ; serial
900 ; refresh (15 minutes)
600 ; retry (10 minutes)
86400 ; expire (1 day)
3600 ; minimum (1 hour)
)
NS dssns.dss.la.gov.
NS dssns2.dss.la.gov.
NS dns-ext2.dss.state.la.us.
A 205.172.49.49
MX 10 smtp-ext1.dss.la.gov.
MX 20 smtp-ext2.dss.la.gov.
$ORIGIN dss.la.gov.
dss-cs99lv01-a A 205.172.49.5
dssns A 199.248.209.34
dssns2 A 199.248.209.35
formquesttanf A 205.172.49.17
formquesttanftrain A 205.172.49.16
smtp-ext1 A 205.172.49.5
smtp-ext2 A 205.172.49.7
webaccess CNAME webaccess.dss.state.la.us.
www A 205.172.49.49
wwwapps A 205.172.49.15
ryan A 205.172.49.100
$ORIGIN .
---
Both of these servers are on our internal network and accessible through firewall rules. Our internal domain used is dss.state.la.us and one of the external domains I want to provide DNS services for is dss.state.la.us so I don't know if thats confusing things???
>>> On Thu, Aug 30, 2007 at 4:40 PM, in message
<e65c4bab0708301440g79782488l33d01112593c9b23 at mail.gmail.com>, "Dawn Connelly"
<dawn.connelly at gmail.com> wrote:
> The command is actually:
> dig @172.20.11.200 dss.la.gov axfr
> You have to have the axfr for transfer. Otherwise it just queries for a
> record rather than transfer.
>
> I'm assuming that either dss-cs99la45-s1.dss.state.la.us or
> dss-dr93la06-s1.dss.state.la.us resolves to 172.20.11.118?
>
> The also-notify is only needed if there isn't an NS record.
>
> Are there any messages in you log files that would provide a hint? Like does
> your master server have any logs with your slaves IP address or does your
> slave have any logs regarding this particular domain?
>
>
> On 8/30/07, Ryan McCain <Ryan.McCain at dss.state.la.us> wrote:
>>
>> Here is the zone file from the primary DNS server if this helps..
>>
>> --
>>
>> $ORIGIN .
>> $TTL 3600 ; 1 hour
>> dss.la.gov IN SOA dssns.dss.la.gov. admin. (
>> 53 ; serial
>> 900 ; refresh (15 minutes)
>> 600 ; retry (10 minutes)
>> 86400 ; expire (1 day)
>> 3600 ; minimum (1 hour)
>> )
>> NS dssns.dss.la.gov.
>> NS dssns2.dss.la.gov.
>> NS dss-cs99la45-s1.dss.state.la.us.
>> NS dss-dr93la06-s1.dss.state.la.us.
>> A 205.172.49.49
>> MX 10 smtp-ext1.dss.la.gov.
>> MX 20 smtp-ext2.dss.la.gov.
>> $ORIGIN dss.la.gov.
>> dss-cs99lv01-a A 205.172.49.5
>> dssns A 199.248.209.34
>> dssns2 A 199.248.209.35
>> smtp-ext1 A 205.172.49.5
>> smtp-ext2 A 205.172.49.7
>> ryan A 205.172.49.100
>> $ORIGIN .
>>
>>
>>
More information about the bind-users
mailing list