Question on Bind 8.2.2P5
Barry Margolin
barmar at bbnplanet.com
Tue Feb 8 20:39:42 UTC 2000
In article <200E2FA22B2AD2119AC000104B6A0A8601A24026 at PSBMAIL1>,
Bhangui_S <Bhangui_S at bls.gov> wrote:
>Hello
> Just now upgraded BIND from 4.9.4 P1 to 8.2.2P5 on Solaris 2.6. Most
>of the things went fine without any hassles and the named came up fine after
>reboot. My machines resolve names looking at the DNS on which I upgarded te
>BIND. But on the Solaris 2.6 machine which has Bind 8.2.2P5 running I see
>the folowoing messages in "/var/adm/messages" these messages are repeated at
>regaulr intervals. I am just going to put few messgaes. Th equestions I have
>
>
>1. What do the messages mean? Is there a problem in the way BIND is working
>on my machine. Overall it looks to be working fine.
They indicate that 128.231.200.34, 166.96.240.2, and 129.231.201.32 are
trying to transfer zones from your machine, but those addresses aren't in
the allow-transfer option in your names.conf.
>2. How do I get rid of these messages? What files will I have to edit it at
>all I can get rid of these messages?
Are these other machines supposed to be slave servers for your domains? If
so, edit named.conf and fix the allow-transfer option to include them.
By default, named allows anyone to transfer. So the only way these could
have been excluded in the first place is if you put in an allow-transfer
option yourself. If you used named-bootconf to convert your named.boot
file to named.conf, the allow-transfer option would have come from the
xfrnets option in the old named.boot file.
>eb 8 14:54:59 dcgate named[137]: unapproved AXFR from
>[128.231.200.34].37791 f
>or "142.146.in-addr.arpa" (acl)
>Feb 8 14:56:09 dcgate named[137]: unapproved AXFR from [166.96.240.2].56647
>for
> "bls.gov" (acl)
>Feb 8 14:56:34 dcgate named[137]: unapproved AXFR from
>[128.231.201.32].45099 f
>or "142.146.in-addr.arpa" (acl)
--
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list