is there a also-allow-transfer

Sten Carlsen stenc at s-carlsen.dk
Thu Dec 13 09:35:22 UTC 2012 

On 13/12/12 10:09, Feng He wrote:
> Thanks.
>
> So how to handle the case described as below?
>
> We already have the also-notify{} section in the global options{} block.
>
> But for a special zone, just want to include another IP to also-notify
> besides the global IPs.
>
>
>
>
> 于 2012-12-13 17:00, Sten Carlsen 写道:
>> On 13/12/12 9:46, Feng He wrote:
>>> Hello Mark,
>>>
>>> My named.conf looks as:
>>>
>>> acl "NAMESVR" { 74.81.81.82; };
>> NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
>>
>> Essentially it is a kind of bitmask, not a list of IPs.
>>> options {
>>>        directory "/var/cache/bind";
>>>        recursion no;
>>>        version "unknown";
>>>        allow-transfer { NAMESVR; };
>>>        also-notify { NAMESVR; };
>> All notifys must have a list of IPs, if the acl was any, you would have 
>> to notify the full internet. The mechanism is designed to accept only a 
>> list of IPs. It can not accept an acl.
also-notify{ 74.81.81.82;}
>>>        allow-update { 127.0.0.1; };
>>> };
>>>
>>>
>>> # zone begins
>>> zone "test.com" {
>>>        type master;
>>>        file "/var/cache/bind/test.com.db";
>>>        allow-transfer { NAMESVR; 74.81.81.81; };
also-notify { 74.81.81.82; 74.81.81.81; };
>>> };
>>>
>>>
>>> When I run named-checkconf I got the error:
>>>
>>> # named-checkconf
>>> /etc/bind/named.conf:8: expected IP address near 'NAMESVR'
>>>
>>> Please help. Thanks.
>>>
>>>
>>>
>>>
>>> 于 2012-12-13 15:23, Mark Andrews 写道:
>>>> In message<50C9818E.2060303 at nsbeta.info>, Feng He writes:
>>>>> Hello,
>>>>>
>>>>> I have the allow-transfer{} section in the global options{} block.
>>>>>
>>>>> But for a special zone, I want to include another IP to allow transfer
>>>>> besides the global IPs.
>>>>>
>>>>> Is there a also-allow-transfer option in BIND?
>>>>> If not how to control this?
>>>> acl xxx { };
>>>>
>>>> options {
>>>> 	allow-transfer { xxx; };
>>>> };
>>>>
>>>> zone "yyy" {
>>>> 	allow-transfer { xxx; extra; };
>>>> };
>>>>
>>>>> Thanks.

-- 
Best regards

Sten Carlsen

No improvements come from shouting:
       "MALE BOVINE MANURE!!!"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20121213/5dadc630/attachment.html>

More information about the bind-users mailing list