zone transfers fail
RB
rbaki2002 at yahoo.com
Fri Jun 10 14:25:31 UTC 2005
I’m get the following DNS errors when trying to do a zone transfer. I am not able to figure out where it’s failing. The master and slave configuration s are listed below the log entries. Any help would be appreciated. Thanks in advance.
(These are private zones, not publicly accessible.)
Jun 10 11:01:42.421 general: debug 3: zone zone1.com/IN: requesting IXFR from 10.10.0.165#53
Jun 10 11:01:42.423 general: debug 3: req_response: request 1bfa88: success
Jun 10 11:01:42.423 general: debug 3: req_cancel: request 1bfa88
Jun 10 11:01:42.423 general: debug 3: req_sendevent: request 1bfa88
Jun 10 11:01:42.424 general: debug 1: refresh_callback: zone zone3.com/IN: enter
Jun 10 11:01:42.424 general: debug 3: dns_request_getresponse: request 1bfa88
Jun 10 11:01:42.424 general: debug 1: refresh_callback: zone zone3.com/IN: serial: new 2005060600, old 2005060100
Jun 10 11:01:42.424 general: debug 3: dns_request_destroy: request 1bfa88
Jun 10 11:01:42.425 general: debug 3: req_destroy: request 1bfa88
Jun 10 11:01:42.425 general: debug 3: requestmgr_detach: 1b9458: eref 1 iref 0
Jun 10 11:01:42.425 general: debug 1: queue_xfrin: zone zone3.com/IN: enter
Jun 10 11:01:42.426 general: debug 3: zone zone3.com/IN: requesting IXFR from 10.10.0.165#53
Jun 10 11:01:42.535 general: debug 1: zone zone3.com/IN: zone transfer finished: REFUSED
Jun 10 11:01:42.537 general: debug 1: zone zone1.com/IN: zone transfer finished: REFUSED
Jun 10 11:01:42.920 general: debug 1: soa_query: zone zone2.com/IN: enter
Jun 10 11:01:42.920 general: debug 3: dns_request_createvia
//# Start of primary namedb9.conf
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "secretkeyhasbeenchanged”;
};
acl "internals" { 10.10.0.0/24; };
options {
directory "/usr/local/etc/namedb" ;
pid-file "named.pid";
allow-query { internals; };
version "[secured]";
};
zone "." { type hint; file "db.root"; };
zone "localhost" {
type master;
file "db.localhost";
notify no;
};
zone "0.0.127.in-addr.arpa" {
type master;
file "db.localhost.rev";
notify no;
};
zone "zone1.com" in {
type master;
file "db.zone1.com";
allow-transfer {
key secret-key.;
};
};
zone "0.10.10.in-addr.arpa" in {
type master;
file "db.0.10.10";
allow-transfer {
key secret-key.;
};
};
zone "zone2.com" in {
type master;
file "db.zone2.com";
allow-transfer {
key secret-key.;
};
};
zone "zone3.com" in {
type master;
file "db.zone3.com";
allow-transfer {
key secret-key.;
};
};
server 10.10.0.164 {
keys {secret-key. ;};
};
logging {
channel "named9_system_channel" {
file "named9_system.log" versions 10 size 50m;
print-severity yes;
print-time yes;
print-category yes;
severity debug 11;
};
category "general" {
"named9_system_channel";
};
};
# End of primary DNS namedb9.conf
# Start of secondary DNS namedb9.conf
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
inet 10.10.0.164 allow { 127.0.0.1;
10.10.0.165;
} keys { "rndc-key"; };
};
key "rndc-key" {
algorithm hmac-md5;
secret "secretkeyhasbeenchanged
};
acl "internals" { 10.10.0.0/24; };
options {
directory "/usr/local/etc/namedb" ;
pid-file "named.pid";
allow-query { internals; };
version "[secured]";
allow-transfer { none; };
};
zone "." { type hint; file "db.root"; };
zone "localhost" {
type master;
file "db.localhost";
notify no;
};
zone "0.0.127.in-addr.arpa" {
type master;
file "db.localhost.rev";
notify no;
};
zone "zone1.com" in {
type slave;
file "db.zone1.com";
masters { 10.10.0.165 key secret-key.; };
};
zone "0.10.10.in-addr.arpa" in {
type slave;
file "db.0.10.10";
masters { 10.10.0.165 key secret-key.; };
};
zone "zone2.com" in {
type slave;
file "db.zone2.com";
masters { 10.10.0.165 key secret-key.; };
};
zone "zone3.com" in {
type slave;
file "db.zone3.com";
masters { 10.10.0.165 key secret-key.; };
};
server 10.10.0.165 {
keys {secret-key. ;};
};
logging {
channel "named9_system_channel" {
file "named9_system.log" versions 10 size 50m;
print-severity yes;
print-time yes;
print-category yes;
severity debug 11;
};
category "general" {
"named9_system_channel";
};
};
# End of secondary namedb9.conf
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the bind-users
mailing list