Zone transfer master -> slave using views on same subnet.
bsd
bsd at todoo.biz
Sat Jan 6 23:51:42 UTC 2007
Thanks for the advise,
I have modified the "masters" reference on the slave but once I
modify a zone on the master and issue a
# rndc reload zone.com in externe
I have the following error :
07-Jan-2007 00:44:21.778 debug 1: zone zone.com/IN/externe: notify to
78.87.206.99#53: retries exceeded
78.87.206.99 is the IP of the slave on the "externe" view.
Notification are not sent to the correct IP.
??
Le 6 janv. 07 à 13:57, Mark Andrews a écrit :
>
>> Hello,
>>
>>
>> I am fighting to be able to have complete zone transfer between
>> Master and Slave with view configured, knowing that both Master and
>> Slave are on the same subnet.
>>
>> Both servers are located on the 192.168.2.0 network. They are reached
>> with NAT through the IP 78.87.206.98 (Master) 78.87.206.99 (Slave).
>> Master is 192.168.2.2 and Slave 192.168.2.3
>
> The server and masters clause need to match up. You have a
> mis-match.
>
> server 192.168.2.2 { keys externe; };
> masters { 78.87.206.98 ; };
>
>> I have followed the example provided on the FAQ using TSIG zone
>> transfer between Master and Slave.
>> It is working quite ok on the "interne" view but not on the "externe"
>> view.
>>
>>
>> Any help would be greatly apreciated.
>>
>>
>> THx in advance.
>>
>>
>> ####################
>> # Master
>> ####################
>>
>> key "externe" {
>> algorithm hmac-md5;
>> secret "cduzN45KImfVsTkuwt4DpDunf9z3BlMV0idz+y03En0=";
>> };
>>
>> acl interne { 192.168.2.0/24; 127.0.0.1; };
>> acl reseau { 78.87.206.96/28; 127.0.0.1; 82.66.93.242;
>> 192.168.2.0/24; };
>>
>> options {
>> directory "/etc/namedb/zones";
>> pid-file "/var/run/named/pid";
>> dump-file "/var/dump/named_dump.db";
>> statistics-file "/var/stats/named.stats";
>> zone-statistics yes;
>> query-source address * port 53;
>>
>> allow-transfer {
>> 78.87.206.99;
>> 192.168.2.3;
>> 195.115.46.198;
>> 80.67.173.196;
>> 199.242.242.199;
>> 195.141.133.18;
>> 195.141.133.17;
>> 217.70.177.40;
>> 195.115.141.1;
>> 195.115.141.4;
>> 194.6.128.4;
>> 213.186.62.200;
>> };
>>
>> allow-recursion { reseau; };
>> version "mind your own business!";
>> blackhole {
>> };
>> };
>>
>>
>> // Vue interne du reseau ToDoo en 192.168.2.0
>>
>> view interne {
>> match-clients { !key externe; interne; };
>> // notify no;
>>
>> zone "rma.fr" {
>> type master;
>> file "local/hosts.rma.fr";
>> };
>>
>> zone "tomo.biz" {
>> type master;
>> file "local/hosts.tomo.biz";
>> };
>>
>> zone "2.168.192.in-addr.arpa" {
>> type master;
>> file "local/hosts.2.168.192.in-addr.arpa";
>> };
>>
>> };
>>
>>
>> //--- Cache ---
>>
>> view externe {
>> match-clients { key externe; any; };
>> server 192.168.2.3 { keys externe; };
>> recursion no;
>>
>>
>> zone "." {
>> type hint;
>> file "named.ca";
>> };
>>
>>
>> //--- Reverse ---
>>
>> zone "0.0.127.in-addr.arpa" {
>> type master;
>> file "named.local";
>> };
>>
>>
>> //--- Zone reverse de nos clients ---//
>>
>> zone "73.66.91.81.in-addr.arpa" {
>> type master;
>> file "hosts.73.66.91.81.in-addr.arpa";
>> };
>>
>>
>> //--- Slaves for Aeroports de paris ---
>>
>>
>> zone "alloco.com" {
>> type slave;
>> masters { 87.98.206.98 ; };
>> file "hosts.alloco.com";
>> allow-transfer { none; };
>> };
>>
>>
>>
>>
>>
>>
>>
>> ############
>> Slave
>> ############
>>
>>
>> key "externe" {
>> algorithm hmac-md5;
>> secret "cduzN45KImfVsTkuwt4DpDunf9z3BlMV0idz+y03En0=";
>> };
>>
>>
>> acl interne { 192.168.2.0/24; 127.0.0.1; };
>> acl reseau { 127.0.0.1; 192.168.2.0/24; 82.66.93.242;
>> 78.87.206.97/28; };
>>
>> options {
>> directory "/zones";
>> pid-file "/var/run/named/pid";
>> dump-file "/var/dump/named_dump.db";
>> statistics-file "/var/stats/named.stats";
>> query-source address * port 53;
>> max-transfer-time-in 1800;
>> max-transfer-idle-in 900;
>> version "mind your own business!";
>> blackhole {
>> };
>> allow-recursion { reseau; };
>> };
>>
>>
>> view interne {
>> match-clients { !key externe; interne; };
>>
>> zone "rma.fr" {
>> type slave;
>> masters { 192.168.2.2; };
>> file "hosts.rma.fr.interne";
>> };
>>
>> zone "tomo.biz" {
>> type slave;
>> masters { 192.168.2.2; };
>> file "hosts.tomo.biz.interne";
>> };
>>
>> zone "2.168.192.in-addr.arpa" {
>> type slave;
>> masters { 192.168.2.2; };
>> file "hosts.2.168.192.in-addr.arpa";
>> };
>>
>> };
>>
>>
>>
>> view externe {
>> match-clients { key externe; any; };
>> server 192.168.2.2 { keys externe; };
>> // recursion no;
>>
>> //--- Cache ---
>>
>> zone "." {
>> type hint;
>> file "named.root";
>> };
>>
>> //--- Reverse ---
>>
>> zone "0.0.127.in-addr.arpa" {
>> type master;
>> file "localhost.rev";
>> };
>>
>> zone "alloco.fr" {
>> type slave;
>> masters { 78.87.206.98 ; };
>
> masters { 192.168.2.2; };
>
>> file "hosts.alloco.fr";
>> allow-transfer { none; };
>> };
>>
>>
>
>> };
>>
>>
>>
>>
>>
>> ________________________________________________
>> «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
>> ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
>> Gregober ---> PGP ID --> 0x1BA3C2FD
>> bsd @at@ todoo.biz
>> ________________________________________________
>> «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
>> ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
>>
>> P "Please consider your environmental responsibility before printing
>> this e-mail"
>>
>>
>>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
More information about the bind-users
mailing list