Transfers denied.

[nocturnal]

Hi

I was working on the DNS setup yesterday and today at work i notice one 
of the slaves denying transfers from the master. I have no idea what 
i've done. All the clocks are synced with ntpdate twice each week. The 
following is part of my named.conf for the master with the ip-address 
replaced for an internal one.

options {
         directory "/etc/namedb";
         version "975.4.2";
         allow-transfer { slave1; slave2; };
         pid-file "/var/run/named.pid";
         dump-file "s/named_dump.db";
         listen-on { master; };
         also-notify { slave1; slave2; };
};

Here is also part of the named.conf for one of my slaves. I have 
replaced the ip-addresses.
options {
         directory "/etc/namedb";
         version "975.4.2";
         allow-transfer { slave2; master; };
         pid-file "/var/run/named.pid";
         dump-file "s/named_dump.db";
         listen-on { slave1; };
         also-notify { master; slave2; };
         allow-notify { master; };
};

I did not have the also-notify in the slaves before, it was added today 
out of desperation. I doubt i need it in slaves?

This is the error i get in the system messages of slave1. The name of 
the zone and the ip-address of the master have been replaced.
Jan 27 15:10:54 ns1 named[26532]: transfer of 'zone1/IN' from master#53: 
failed to connect: connection refused

The nameservers have worked fine for a while, had some errors yesterday 
but got those fixed thanks for Mark Andrews here on the list so this is 
not a new setup. My company has used BIND9 for quite a while but that 
does not prevent us from doing stupid mistakes. ;)

master = my master dns
slave1 = the first slave dns and also the one that is generating errors
slave2 = another slave which is supposed to be an almost exact mirror of 
slave1 except for maybe allow-transfer
-- 



Med vänliga hälsningar

Stefan Midjich aka nocturnal
[Swehack] http://swehack.se