Zone transfer issues on new domain
Kevin Darcy
kcd at chrysler.com
Wed Mar 31 19:31:18 UTC 2010
TSIG overloaded the NOTAUTH response code to mean "not authorized"
instead of its traditional meaning of "not authoritative".
I'm thinking that the root cause here is a TSIG validation issue that's
being misreported as "not authoritative" because a "generic"
error-printing routine is being used, and it only knows one way to
represent NOTAUTH.
Of course, it's easy to check whether a nameserver considers itself
authoritative for a given zone -- just do a query and check for the
presence/absence of the AA bit...
- Kevin
On 3/31/2010 7:48 AM, Lear, Karen (Evolver) wrote:
> To clarify, I added this to the named.conf on the slave:
>
> };
> zone "usptoenews.gov" {
> type slave;
> file "secondaries/db.usptoenews";
> masters { 10.240.6.50; };
> };
>
> ________________________________
> From: Lear, Karen (Evolver)
> Sent: Wednesday, March 31, 2010 7:25 AM
> To: Sten Carlsen; bind-users at lists.isc.org
> Subject: RE: Zone transfer issues on new domain
>
> I added it to the named.conf on the slave. Shouldn't it create its own db.usptoenews file under the secondaries directory?
> ________________________________
> From: bind-users-bounces+karen.lear=uspto.gov at lists.isc.org [bind-users-bounces+karen.lear=uspto.gov at lists.isc.org] On Behalf Of Sten Carlsen [stenc at s-carlsen.dk]
> Sent: Tuesday, March 30, 2010 9:26 PM
> To: bind-users at lists.isc.org
> Subject: Re: Zone transfer issues on new domain
>
> Did you add it to the slaves configuration? It does not get automagically added; so the slave gets a notify on a zone it can not serve as it is not in its config.
>
> On 31/03/10 2:14, Lear, Karen (Evolver) wrote:
> Can you tell me why I’m getting the message below on my slave server after adding a master zone on the master server for usptoenews.gov:
>
> [klear at dns2 logs]$ grep enews activity.log
> 30-Mar-2010 17:17:45.484 notify: notice: client 10.240.6.50#10738: received notify for zone 'usptoenews.gov': TSIG 'ns1-ns2.uspto.gov': not authoritative
> 30-Mar-2010 17:22:47.335 notify: notice: client 10.240.6.50#62593: received notify for zone 'usptoenews.gov': TSIG 'ns1-ns2.uspto.gov': not authoritative
>
> email: karen.lear at uspto.gov<mailto:karen.lear at uspto.gov>
>
>
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
> --
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
>
> "MALE BOVINE MANURE!!!"
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
>
More information about the bind-users
mailing list