Unable to get Zone transfer to work
Vincent Yonemitsu
vince at soilengineersltd.com
Thu Dec 20 18:02:51 UTC 2007
I added that to the named.conf file on the master and bounced the servers
and waited and still no zone file details on the slave.
--
Vincent Yonemitsu
Information Technology and Infrastructure Manager
vincentyonemitsu at soilengineersltd.com
Tel. (416) 754-8515 x 270
100 Nugget Avenue
Toronto, Ontario M1S 3A7
Toll Free Tel. (800) 268-5624 x 270
Fax: (416) 754-8516
This message is intended only for the use of the individual to which it is
addressed and contains information that is privileged and confidential. If
this e-mail is not intended for you, any reading, distribution, copying,
or disclosure of this e-mail is strictly prohibited. If you have received
this communication in error, please notify Soil Engineers Ltd.
immediately. Soil Engineers Ltd. assumes no liability for any unauthorized
use or alteration of the contents or attachments of this e-mail.
Have a look at our website: http://www.soilengineersltd.com
> Try adding this to your named.conf options clause
>
> allow-transfer { 192.168.1.11; };
>
> Also the allow-notify statement probably isn't needed given the zone
> file you've included. However, if you change the A records to the public
> NAT IP addresses, you will need to add something like
>
> also-notify { 192.168.1.11; };
>
>
> On Thu, 2007-12-20 at 11:45 -0500, Vincent Yonemitsu wrote:
>> Ok,
>> I have a pair of BIND servers 9.xx running on Fedora.
>> These are sitting on IPs 192.168.1.10 and 192.168.1.11 master and slave
>> respectively.
>>
>> They have static NATs to the outside world of 99.99.99.10 and
>> 99.99.99.11
>> I am unable to get the master zone on the master to transfer to the
>> slave.
>> Here is my named.conf on the master
>>
>> [root at ns1 named]# cat /etc/named.conf
>> acl "trusted" {
>> localhost;
>> 192.168.0.0/24;
>> 192.168.1.0/24;
>> };
>>
>> options {
>> directory "/var/named";
>> allow-recursion { trusted; };
>> allow-query { trusted; };
>> allow-notify {192.168.1.11; };
>> version "get lost";
>> listen-on {
>> 192.168.1.10;
>> 127.0.0.1;
>> };
>> forwarders {
>> 207.181.101.4;
>> 207.181.101.5;
>> };
>> forward first;
>> recursion yes;
>> };
>>
>> logging{
>> channel example_log{
>> file "/var/log/named/example.log" versions 3 size 2m;
>> severity info;
>> print-severity yes;
>> print-time yes;
>> print-category yes;
>> };
>>
>> category default{
>> example_log;
>> };
>> };
>>
>> zone "." {
>> type hint;
>> file "/var/named/root.servers";
>> };
>> zone "mydomain.com" in{
>> type master;
>> file "/var/named/mydomain.com.zone";
>> allow-transfer {192.168.1.11;};
>> };
>>
>> Here is the mydomain.com zone file.
>>
>> [root at ns1 named]# cat mydomain.com.zone
>> $TTL 86400
>> mydomain.com. IN SOA ns1.mydomain.com. ns2.mydomain.com. (
>> 200712201
>> 60
>> 3600
>> 604800
>> 38400
>> )
>>
>> mydomain.com. IN NS ns1.mydomain.com.
>> mydomain.com. IN NS ns2.mydomain.com.
>> mydomain.com. IN MX 10 mail.mydomain.com.
>>
>> www IN A 99.99.99.230
>> mail IN A 99.99.99.229
>> ns1 IN A 192.168.1.10
>> ns2 IN A 192.168.1.11
>> ldap IN A 99.99.99.232
>> iis IN A 99.99.99.231
>> dms IN A 99.99.99.234
>> brback IN A 99.99.99.233
>>
>>
>> Here is the named.conf file on the Slave
>>
>> data dynamic named.ca named.empty named.localhost named.loopback
>> root.servers slaves
>> [root at ns2 named]#
>> [root at ns2 named]# ls
>> data dynamic named.ca named.empty named.localhost named.loopback
>> root.servers slaves
>> [root at ns2 named]# service named stop
>> Stopping named: [ OK ]
>> [root at ns2 named]# vi soilengineersltd.com
>> [root at ns2 named]# service named start
>> Starting named: [ OK ]
>> [root at ns2 named]# ls
>> data named.ca named.localhost root.servers
>> soilengineersltd.com
>> dynamic named.empty named.loopback slaves
>> [root at ns2 named]# service named stop
>> Stopping named: [ OK ]
>> [root at ns2 named]# vi soilengineersltd.com.zone
>> [root at ns2 named]# service named start
>> Starting named: [ OK ]
>> [root at ns2 named]# cat soilengineersltd.com.zone
>> [root at ns2 named]# rm soilengineersltd.com
>> rm: remove regular empty file `soilengineersltd.com'? y
>> [root at ns2 named]# ls
>> data named.ca named.localhost root.servers
>> soilengineersltd.com.zone
>> dynamic named.empty named.loopback slaves
>> [root at ns2 named]# cat named.conf
>> cat: named.conf: No such file or directory
>> [root at ns2 named]# cat /etc/named.conf
>> acl "trusted" {
>> localhost;
>> 192.168.0.0/24;
>> 192.168.1.0/24;
>> };
>>
>> options {
>> directory "/var/named";
>> allow-recursion { trusted; };
>> allow-query { trusted; };
>> version "get lost";
>> allow-transfer {192.168.1.10;};
>> listen-on {
>> 192.168.1.11;
>> 127.0.0.1;
>> };
>> forwarders {
>> 207.181.101.4;
>> 207.181.101.5;
>> };
>> forward first;
>> recursion yes;
>> };
>>
>> logging{
>> channel example_log{
>> file "/var/log/named/example.log" versions 3 size 2m;
>> severity info;
>> print-severity yes;
>> print-time yes;
>> print-category yes;
>> };
>>
>> category default{
>> example_log;
>> };
>> };
>>
>> zone "." {
>> type hint;
>> file "/var/named/root.servers";
>> };
>> zone "soilengineersltd.com" in{
>> type slave;
>> file "/var/named/soilengineersltd.com.zone";
>> masters {192.168.1.10; };
>> };
>>
>>
>> Here is named.conf file on the Slave
>>
>> [root at ns2 named]# cat /etc/named.conf
>> acl "trusted" {
>> localhost;
>> 192.168.0.0/24;
>> 192.168.1.0/24;
>> };
>>
>> options {
>> directory "/var/named";
>> allow-recursion { trusted; };
>> allow-query { trusted; };
>> version "get lost";
>> allow-transfer {192.168.1.10;};
>> listen-on {
>> 192.168.1.11;
>> 127.0.0.1;
>> };
>> forwarders {
>> 207.181.101.4;
>> 207.181.101.5;
>> };
>> forward first;
>> recursion yes;
>> };
>>
>> logging{
>> channel example_log{
>> file "/var/log/named/example.log" versions 3 size 2m;
>> severity info;
>> print-severity yes;
>> print-time yes;
>> print-category yes;
>> };
>>
>> category default{
>> example_log;
>> };
>> };
>>
>> zone "." {
>> type hint;
>> file "/var/named/root.servers";
>> };
>> zone "mydomain.com" in{
>> type slave;
>> file "/var/named/mydomain.com.zone";
>> masters {192.168.1.10; };
>> };
>>
>>
>> Any ideas on where I screwed up? The servers can ping each other and can
>> resolve against each other but the zone file won't transfer.
>> I created a blank /var/named/mydomain.com.zone on the slave but it
>> continues to be empty after many bounces of the server... PS: I reduced
>> the refresh to 60 to try and hurry up the process.
>>
> --
> Jeff Reasoner
> HCCA
> 513 728-7902 office
> 513 728-7958 fax
>
>
>
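
Added example, not part of the original thread and not BIND code: a Python check that reads the text of a master/slave pair of named.conf files and lists the reasons the master would refuse a zone transfer to the slave, with a zone-level allow-transfer taking precedence over the one in the options clause. The function names and the trimmed sample configs are constructed for illustration; it assumes configs without comments, and named ACLs, keys and negated elements are not resolved.

```python
import re
from ipaddress import ip_address, ip_network
# Top-level 'header { body };' with one level of nested braces (enough for these configs).
TOP = re.compile(r'([^{};]+)\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')

def setting(body, name):
    """Elements of 'name { a; b; };' in body, or None if the statement is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), body)
    return [a.strip() for a in m.group(1).split(";") if a.strip()] if m else None

def zones(conf):
    """Map zone name -> (type, effective allow-transfer); zone level overrides options."""
    found = {h.strip(): b for h, b in TOP.findall(conf)}
    default = setting(found.get("options", ""), "allow-transfer")
    out = {}
    for header, body in found.items():
        m = re.match(r'zone\s+"([^"]+)"', header)
        if m:
            acl = setting(body, "allow-transfer")
            ztype = re.search(r"\btype\s+(\w+)", body).group(1)
            out[m.group(1)] = (ztype, default if acl is None else acl)
    return out

def permits(acl, ip):
    """True if 'any' or a literal address/CIDR in acl covers ip."""
    def covers(a):
        try:
            return ip_address(ip) in ip_network(a, strict=False)
        except ValueError:  # ACL names, keys, 'none' and negations are not resolved here
            return False
    return "any" in acl or any(covers(a) for a in acl)

def check_pair(master_conf, slave_conf, slave_ip):
    """List reasons the master would refuse AXFR for the slave's zones."""
    problems, mz = [], zones(master_conf)
    for name, (ztype, _) in zones(slave_conf).items():
        if ztype != "slave":
            continue
        mtype, acl = mz.get(name, (None, None))
        if mtype != "master":
            problems.append(f"{name}: no master zone of this name on the master")
        elif acl is None:
            problems.append(f"{name}: allow-transfer unset, built-in default applies")
        elif not permits(acl, slave_ip):
            problems.append(f"{name}: allow-transfer {acl} does not cover {slave_ip}")
    return problems
# Constructed samples, trimmed from the configs quoted in the thread.
MASTER = ('options { listen-on { 192.168.1.10; }; };\n'
          'zone "mydomain.com" in { type master; allow-transfer { 192.168.1.11; }; };')
SLAVE = 'zone "mydomain.com" in { type slave; masters { 192.168.1.10; }; };'
```

An empty list from check_pair(MASTER, SLAVE, "192.168.1.11") means the ACLs line up, so the next places to look are the named log on both servers and whether named can write the slave's zone file.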