Can't transfer two zones using two IP addresses
Barry Margolin
barmar at alum.mit.edu
Wed Sep 1 04:44:15 UTC 2010
In article <mailman.485.1283315952.15649.bind-users at lists.isc.org>,
Scott Simpson <Scott.Simpson at computer.org> wrote:
> I'm trying to transfer my two zones "internal" and "external" from master to
> slave using two IP addresses and it isn't working.
>
> On my master I have:
>
> view "internal" {
> allow-transfer { 192.168.2.1; };
> ...
> view "external" {
> allow-transfer { 192.168.2.12; };
> ...
>
> My slave has two IP addresses 192.168.2.1 and 192.168.2.12 (I used a
> secondary
> IP address on the card). On the slave I have
>
> view "internal" {
> transfer-source 192.168.2.1;
> ...
> view "external" {
> transfer-source 192.168.2.12;
> ...
>
> When I try to transfer the domain "external", I get a permission denied on
> the
> master. I know that the slave is using the correct transfer-source IP address
> because I did a tcpdump and it shows the correct address for the two
> transfers.
>
> Interestingly, if I switch the "internal" and "external" stanzas on the
> master, I get "external" only and not "internal". What gives? Thanks.
> Scott
Do the transfer sources match the match-clients options of the two
views? When a connection arrives, it's first associated with a view
using this option. Then when the request turns out to be a zone
transfer it further checks it against the allow-transfer option.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list