Secondary Server and Firewall??

Kevin Darcy kcd at daimlerchrysler.com
Tue May 9 22:42:42 UTC 2000


Albert Kasper wrote:

> Hi,
>
> I've got a primary Nameserver (bind) and a secondary nameserver (NT).
> I want to propagate changes to the secondary nameserver, and change requests
> are sent to the secondary nameserver (at least they are written into the
> log).

I'm not sure what you mean by "change requests". Do you mean that
NOTIFY messages are being received by the secondary? Or do you mean that zone
transfers are actually being logged? If zone transfers are being logged, then
I'd say it must be a problem on the NT side, since once the zone transfer is
done, a BIND master has no more involvement.

> However, the information is never replicated. I suspect the firewall to be
> the victim, but how? Ports 53 and 123 are open both for UDP and TCP. Does a
> secondary nameserver need any special ports?

Port 123 is for NTP and has nothing to do with DNS.

You need to make sure that destination port 53 to the master and source port 53
from the master are open. As for the ports that NT uses as source ports for its
zone transfers, I have no idea.


- Kevin
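
The port requirement in the reply above, checked against two rule sets. This is an added example, not part of the original post; it assumes a stateless, permit-only filter with default deny, and the addresses, the secondary's source port 1029 and both rule sets are constructed.

```python
# Stateless, permit-only packet filter model with default deny.
# Hosts, ports and rule sets are constructed sample values, not from the post.
from collections import namedtuple

MASTER, SECONDARY = "192.0.2.1", "192.0.2.2"
EPHEMERAL = 1029  # assumption: the secondary picks a non-53 source port

# sport/dport of None means "any port"; proto "any" matches udp and tcp.
Rule = namedtuple("Rule", "proto src dst sport dport")

# Packets exchanged when a secondary refreshes a zone from its master:
# SOA serial check over UDP, then the zone transfer (AXFR) over TCP.
FLOWS = [
    ("SOA query (UDP)",    "udp", SECONDARY, EPHEMERAL, MASTER, 53),
    ("SOA reply (UDP)",    "udp", MASTER, 53, SECONDARY, EPHEMERAL),
    ("AXFR request (TCP)", "tcp", SECONDARY, EPHEMERAL, MASTER, 53),
    ("AXFR data (TCP)",    "tcp", MASTER, 53, SECONDARY, EPHEMERAL),
]

def permitted(rules, proto, src, sport, dst, dport):
    """True if any permit rule matches the packet; otherwise default deny."""
    return any(
        r.proto in ("any", proto) and r.src == src and r.dst == dst
        and r.sport in (None, sport) and r.dport in (None, dport)
        for r in rules
    )

def blocked_flows(rules):
    """Names of the zone-refresh packets this rule set would drop."""
    return [name for name, *pkt in FLOWS if not permitted(rules, *pkt)]

# "Port 53 is open" read as destination port 53 in both directions.
DPORT_ONLY = [
    Rule("any", SECONDARY, MASTER, None, 53),
    Rule("any", MASTER, SECONDARY, None, 53),
]

# The reply's wording: destination port 53 to the master,
# source port 53 from the master.
AS_ADVISED = [
    Rule("any", SECONDARY, MASTER, None, 53),
    Rule("any", MASTER, SECONDARY, 53, None),
]

if __name__ == "__main__":
    for label, rules in (("DPORT_ONLY", DPORT_ONLY), ("AS_ADVISED", AS_ADVISED)):
        print(label, "blocks:", blocked_flows(rules) or "nothing")
```

A stateful firewall that tracks connections would pass the replies without the explicit source-port rule.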




