unexpected rcode (REFUSED) from master
Face
falazemi at gmail.com
Thu Jun 9 15:48:50 UTC 2011
Hello all,
I am tring to setup a master/slave using bing BIND 9.8.0-P2. thing seem
to be working with some problems.
1. keep reciveing on both master/slave
Jun 9 18:19:31 localhost named[29444]: managed-keys-zone
./IN/internal: loading from master file
3bed2cb3a3acf7b6a8ef408420cc682d5520e26976d354254f528c965612054f.mkeys
failed: file not found
Jun 9 18:19:31 localhost named[29444]: managed-keys-zone
./IN/external: loading from master file
3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys
failed: file not found
named user and group have permissions to:
/etc/bind.d
/var/named
2. cannot transfer one of my zones to slave dns
Jun 9 18:32:50 localhost named[29444]: zone
\194\173facilitatingkneads.com/IN/external: refresh: unexpected rcode
(REFUSED) from master 173.214.173.75#53 (source 0.0.0.0#0)
Jun 9 18:32:50 localhost named[29444]: zone
\194\173facilitatingkneads.com/IN/external: Transfer started.
I have another domains with the same setteing transfer fine however this
domain would not transfer for some reason i dont understand,
also i see "\194\173" in front of the domain i don't no why?
Any help would be much appreciated.
here are my named.conf for both master/slave:
------------------------------------------------------------------------
ns1.aldimna.com (Master) 10.0.1.1, 173.214.173.75
------------------------------------------------------------------------
acl "Externals" {173.214.173.77;};
acl "Internals" {10.0.1.0/27;127.0.0.1; };
options {
directory "/etc/bind.d";
pid-file "/var/run/named/named.pid";
auth-nxdomain yes;
datasize default;
provide-ixfr no;
forwarders {
8.8.8.8;8.8.4.4; # Google DNS
};
allow-recursion { 10.0.1.0/27;127.0.0.1; };
allow-transfer { none; };
allow-update { none; };
version none;
hostname none;
server-id none;
check-names master ignore;
check-names slave ignore;
also-notify { 173.214.173.75; 173.214.173.77; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "S5kzqLD1EkzlaAYCLJYZaA==";
};
controls {
inet 127.0.0.1 allow { localhost; }
keys { rndc-key; };
};
view "internal" {
match-clients { Internals; };
recursion yes;
notify yes;
allow-transfer { 10.0.1.2; };
key DHCP_UPDATER { // DNS UPDATE SECURITY
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
zone "localhost" IN {
type master;
file "/etc/bind.d/internals.d/default.d/named.internals.default.zone.localhost";
allow-transfer { any; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "/etc/bind.d/internals.d/default.d/named.internals.default.zone.127.0.0";
allow-transfer { any; };
allow-update { key DHCP_UPDATER; }; // DNS UPDATE SECURITY
};
zone "." IN {
type hint;
file "/etc/bind.d/internals.d/default.d/named.internals.default.root.hint";
};
zone "4legsmanagement.com" {
type master;
file "/etc/bind.d/internals.d/domains.d/zone.internals.4legsmanagement.com";
};
zone "aldimna.com" {
type master;
file "/etc/bind.d/internals.d/domains.d/zone.internals.aldimna.com";
allow-update { key DHCP_UPDATER; }; // DNS UPDATE SECURITY
};
zone "facilitatingkneads.com" {
type master;
file "/etc/bind.d/internals.d/domains.d/zone.internals.facilitatingkneads.com";
};
zone "1.1.0.10.in-addr.arpa" {
type master;
file "/etc/bind.d/internals.d/domains.d/rev.internals.10.0.1.1";
};
zone "2.1.0.10.in-addr.arpa" {
type master;
file "/etc/bind.d/internals.d/domains.d/rev.internals.10.0.1.2";
};
};
view "external" {
match-clients { !localnets; any; };
recursion yes;
notify yes;
allow-transfer { 173.214.173.77; };
zone "4legsmanagement.com" {
type master;
file "/etc/bind.d/externals.d/domains.d/zone.externals.4legsmanagement.com";
};
zone "aldimna.com" {
type master;
file "/etc/bind.d/externals.d/domains.d/zone.externals.aldimna.com";
};
zone "facilitatingkneads.com" {
type master;
file "/etc/bind.d/externals.d/domains.d/zone.externals.facilitatingkneads.com";
};
zone "75.173.214.173.in-addr.arpa" {
type master;
file "/etc/bind.d/externals.d/domains.d/rev.externals.173.214.173.75";
};
zone "77.173.214.173.in-addr.arpa" {
type master;
file "/etc/bind.d/externals.d/domains.d/rev.externals.173.214.173.77";
};
};
logging {
channel xfer-log {
file "/var/log/named.log";
print-category yes;
print-severity yes;
print-time yes;
severity info;
};
category xfer-in { xfer-log; };
category xfer-out { xfer-log; };
category notify { xfer-log; };
channel update-debug {
file "/var/log/named-update-debug.log";
severity debug 3;
print-category yes;
print-severity yes;
print-time yes;
};
channel security-info {
file "/var/log/named-auth-info.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category update { update-debug; };
category security { security-info; };
};
------------------------------------------------------------------------
ns2.aldimna.com (Slave) 10.0.1.2, 173.214.173.77
------------------------------------------------------------------------
acl "Externals" {173.214.173.75;};
acl "Internals" {10.0.1.0/28;127.0.0.1; };
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
auth-nxdomain yes;
datasize default;
provide-ixfr no;
forwarders {
8.8.8.8;8.8.4.4; # Google DNS
};
// Default security settings.
allow-recursion { 10.0.1.0/28;127.0.0.1; };
allow-transfer { none; };
allow-update { none; };
version none;
hostname none;
server-id none;
check-names master ignore;
check-names slave ignore;
also-notify { 173.214.173.75; 173.214.173.77; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "S5kzqLD1EkzlaAYCLJYZaA==";
};
controls {
inet 127.0.0.1 allow { localhost; }
keys { rndc-key; };
};
view "internal" {
match-clients { Internals; };
zone "localhost" IN {
type master;
file "/etc/bind.d/named.internals.default.zone.localhost";
allow-transfer { any; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "/etc/bind.d/named.internals.default.zone.127.0.0";
allow-transfer { any; };
};
zone "." IN {
type hint;
file "/etc/bind.d/named.internals.default.root.hint";
};
zone "aldimna.com" {
type slave;
file "internals.aldimna.com";
masters {10.0.1.1;};
};
zone "facilitatingkneads.com" {
type slave;
file "internals.facilitatingkneads.com";
masters {10.0.1.1;};
};
zone "4legsmanagement.com" {
type slave;
file "internals.4legsmanagement.com";
masters {10.0.1.1;};
};
zone "1.1.0.10.in-addr.arpa" {
type slave;
file "rev.internals.10.0.1.1";
masters {10.0.1.1;};
};
zone "2.1.0.10.in-addr.arpa" {
type slave;
file "rev.internals.10.0.1.2";
masters {10.0.1.1;};
};
};
view "external" {
match-clients { !localnets; any; };
allow-query { 173.214.173.75; };
zone "aldimna.com" {
type slave;
file "external.aldimna.com";
masters { 173.214.173.75; };
};
zone "4legsmanagement.com" {
type slave;
file "external.4legsmanagement.com";
masters { 173.214.173.75; };
};
zone "facilitatingkneads.com" {
type slave;
file "external.facilitatingkneads.com";
masters {173.214.173.75;};
};
zone "75.173.214.173.in-addr.arpa" {
type slave;
file "rev.external.173.214.173.75";
masters { 173.214.173.75; };
};
zone "77.173.214.173.in-addr.arpa" {
type slave;
file "rev.external.173.214.173.77";
masters { 173.214.173.75; };
};
};
logging {
channel xfer-log {
file "/var/log/named.log";
print-category yes;
print-severity yes;
print-time yes;
severity info;
};
category xfer-in { xfer-log; };
category xfer-out { xfer-log; };
category notify { xfer-log; };
channel update-debug {
file "/var/log/named-update-debug.log";
severity debug 3;
print-category yes;
print-severity yes;
print-time yes;
};
channel security-info {
file "/var/log/named-auth-info.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category update { update-debug; };
category security { security-info; };
};
Any help would be much appreciated.
More information about the bind-users
mailing list