order of nameserver upgrade?
Mark Andrews
Mark_Andrews at isc.org
Thu Feb 9 21:44:04 UTC 2006
> bob prohaska's usenet account <bp at www.zefox.net> wrote:
> > Mark Andrews <Mark_Andrews at isc.org> wrote:
> >>
> >> It really doesn't matter. Newer versions are less tolerent
> >> of configuration errors.
> >>
> I've decided to upgrade the slave to FreeBSD 5.4 using Bind 9.3.2, leaving
> for now the master running FreeBSD 5.1 running Bind 9.3.2 taken from an
> older version of the ports tree.
>
> A strawman FreeBSD 5.4 slave can load and serve all the routeable addresses
> but reports
>
> Feb 8 20:49:50 ns3 named[275]: transfer of '192.235.239.69.in-addr.arpa/IN'
> from 192.168.1.4#53: failed while receiving responses: permission denied
File system permission problems. There will be a earlier log
message giving the location.
> This looks like a permissions problem on the slave, but the entire /etc/named
> b
> subtree is owned by bind with group wheel. On the new 5.4 slave named runs as
>
> user bind, on the old 5.1 master bind runs as root.
>
> There is no "allow transfer" directive on the master, a FreeBSD
> 5.1 box, so anybody can transfer zones.
>
> One possible trap is that the master and slave refer to each other using
> unroutable 192.168.1.xxx IP addresses, is that my error?
>
> There's not much to the zones; www.zefox.com, www.zefox.org and
> www.zefox.net, with ns1.zefox.net and ns2.zefox.net as nameservers.
> >From the outside all looks ok, but inside the new slave something
> seems amiss.
>
> Any counsel on where to look for trouble would be most appreciated!
>
> bob prohaska
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list