Zone transfer doesn't work

Barry Margolin barmar at genuity.net
Tue May 14 16:13:01 UTC 2002


In article <abrcfl$1joj$1 at isrv4.isc.org>,
cyrustam888 <cyrustam888 at hotmail.com> wrote:
>
>Hi all,
>
>I am setting up two DNS servers (master and slave) on Windows 2000 Server,
>both using BIND 9.2.1,
>but I have a problem with zone transfers and the W2K built-in TCP/IP
>filtering.
>I know that TCP port 53 is required for zone transfer,
>so I have enabled TCP/IP filtering to allow TCP and UDP port
>53 only,
>but the zone transfer doesn't work.
>I found that when I allow all UDP ports on the slave server, the zone
>transfer works.
>Are any other UDP ports required for zone transfer?

Before doing the zone transfer, the slave sends an SOA query using UDP (to
see if the serial number has increased).  You need to allow the reply back
to the server.

You can use the "query-source" option to specify a particular source port
that will be used for queries like this, and then you will only need to
open that port on the slave.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
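
The refresh sequence described in the reply, modelled as an added example that is not part of the original post. It assumes a stateless inbound filter keyed on destination port, as the reported symptoms suggest; the serials, port numbers and function names are constructed for illustration.

```python
from dataclasses import dataclass

DNS_PORT = 53

@dataclass(frozen=True)
class Inbound:
    proto: str          # "udp" or "tcp"
    dst_port: int       # port on the slave that the packet arrives at
    new_connection: bool = False  # TCP only: inbound connection attempt

def filter_allows(pkt, udp_open, tcp_open):
    """Assumed filter model: stateless, inbound only, keyed on destination port."""
    if pkt.proto == "udp":
        return pkt.dst_port in udp_open
    # Assumption matching the reported symptom: TCP filtering screens only
    # inbound connection attempts, so replies on a connection the slave
    # opened itself are not blocked.
    return (not pkt.new_connection) or pkt.dst_port in tcp_open

def refresh(slave_serial, master_serial, udp_src_port, udp_open, tcp_open):
    """Walk one slave refresh and report where it ends."""
    # Step 1: SOA query over UDP, slave:udp_src_port -> master:53 (outbound).
    # Step 2: the reply comes back master:53 -> slave:udp_src_port (inbound).
    reply = Inbound("udp", dst_port=udp_src_port)
    if not filter_allows(reply, udp_open, tcp_open):
        return "soa-reply-dropped"
    # Step 3: compare serials (plain comparison; ignores serial wraparound).
    if master_serial <= slave_serial:
        return "up-to-date"
    # Step 4: AXFR over TCP, connection opened by the slave to master:53.
    axfr_data = Inbound("tcp", dst_port=49152, new_connection=False)
    if not filter_allows(axfr_data, udp_open, tcp_open):
        return "axfr-blocked"
    return "transferred"

if __name__ == "__main__":
    only_53 = {DNS_PORT}
    all_udp = set(range(1, 65536))
    # Constructed serials and ports, for illustration only.
    print(refresh(2002051301, 2002051401, 40000, only_53, only_53))
    print(refresh(2002051301, 2002051401, 40000, all_udp, only_53))
    print(refresh(2002051301, 2002051401, DNS_PORT, only_53, only_53))
```

The first call reproduces the reported failure, the second the workaround of opening all UDP ports, and the third the effect of fixing the query source port to one that the filter already allows.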

