order of nameserver upgrade?
bob prohaska's usenet account
bp at www.zefox.net
Thu Feb 9 05:38:26 UTC 2006
bob prohaska's usenet account <bp at www.zefox.net> wrote:
> Mark Andrews <Mark_Andrews at isc.org> wrote:
>>
>> It really doesn't matter. Newer versions are less tolerent
>> of configuration errors.
>>
I've decided to upgrade the slave to FreeBSD 5.4 using Bind 9.3.2, leaving
for now the master running FreeBSD 5.1 running Bind 9.3.2 taken from an
older version of the ports tree.
A strawman FreeBSD 5.4 slave can load and serve all the routeable addresses
but reports
Feb 8 20:49:50 ns3 named[275]: transfer of '192.235.239.69.in-addr.arpa/IN' from 192.168.1.4#53: failed while receiving responses: permission denied
This looks like a permissions problem on the slave, but the entire /etc/namedb
subtree is owned by bind with group wheel. On the new 5.4 slave named runs as
user bind, on the old 5.1 master bind runs as root.
There is no "allow transfer" directive on the master, a FreeBSD
5.1 box, so anybody can transfer zones.
One possible trap is that the master and slave refer to each other using
unroutable 192.168.1.xxx IP addresses, is that my error?
There's not much to the zones; www.zefox.com, www.zefox.org and
www.zefox.net, with ns1.zefox.net and ns2.zefox.net as nameservers.
More information about the bind-users
mailing list