allow-transfer

[Barry Margolin]

In article <cg3pep$23v0$1 at sf1.isc.org>, "Linda" <lindahu at noc.ttn.net> 
wrote:

> Hi,
> If dns.aaa.com is the master and dns.isp.com is the slave, should I config 
> allow-transfer in named.conf of dns.aaa.com for dns.isp.com?

Yes.  Slaves pull from masters, so the master has to allow the slave to 
do this.

> 
> If dns.isp.com is one of the NS records in the zone file, should I still 
> config allow-transfer in the named.conf?
>                 IN      NS      dns.aaa.com.
>                 IN      NS      dns.isp.com.

Yes.  named uses the NS records to decide who to send NOTIFY messages to 
(by default), but it doesn't use it to override the allow-transfer ACL.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***