Zone Transfer

Khaled Hussein khaled at palnet.com
Tue Mar 14 07:35:14 UTC 2006 

Thank for your reply and here are the configuration files 

Slave file 

// $FreeBSD: src/etc/namedb/named.conf,v 1.15.2.3 2005/03/23 17:35:58 dougb
Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

key "key" {
        algorithm       hmac-md5;
        secret
"c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
};

options {
        directory       "/etc/namedb";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
        listen-on       { 127.0.0.1; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//      listen-on-v6    { ::1; };

// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
//      forward only;

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

        forwarders {
                      212.117.128.6;
                      192.116.16.26;    
        };

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND versions 8 and later
         * use a pseudo-random unprivileged UDP port by default.
         */
         //query-source address * port 53;
};

// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.


logging {
        category lame-servers { null; };
        category cname { null; };
        category default { default_syslog; default_debug; };
        category panic { default_syslog; default_stderr; };
//      category packet { default_debug; };
        category eventlib { default_debug; };
};
zone "shaml.org" { type slave; file "bak/shaml.org";masters { 192.116.16.26;
};};


And here is the Master




options {
        directory "/etc/namedb";
 forwarders {
#212.150.48.169;
212.117.128.6;
206.49.94.234;
#192.116.2.100;
};

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
          query-source address * port 53; 
         
        allow-transfer { 217.66.226.29; 217.66.231.15; 209.246.62.150;
212.106.64.7; 216.145.226.212; 63.99.217.20; 192.116.16.17; 2
17.66.232.98; 217.66.224.5; 209.242.0.183; 192.116.16.26; 212.29.201.4;
217.66.226.8; 206.49.94.234; 207.13.11.2; 192.116.16.90; 208
.162.200.4; 206.49.94.213; 212.29.201.11; 194.90.1.5; 192.231.91.1;
192.231.91.2; 213.244.124.3; 192.116.18.25; 212.29.201.34; 192.2
31.91.0/24; 192.116.16.7; 212.29.201.7; 192.116.16.90; 192.116.19.213;
204.255.25.63; 128.139.6.1; 132.66.32.10; 193.0.0.193; 194.90
.1.49;};


};
logging {
        category lame-servers { null; };
        category cname { null; };
        category default { default_syslog; default_debug; };
        category panic { default_syslog; default_stderr; };
//      category packet { default_debug; };
        category eventlib { default_debug; };
};  





I found these logs in the messages log file 

Mar 14 10:38:50 dns1 named[4396]: dns_rdata_fromtext: buffer-0xbfaeb520:1:
near eof: unexpected end of input
Mar 14 10:38:50 dns1 named[4396]: dns_sdlz_putrr returned error. Error code
was: unexpected end of input
Mar 14 10:38:50 dns1 named[4396]: dns_rdata_fromtext: buffer-0xbfaeb520:1:
near eof: unexpected end of input
Mar 14 10:38:50 dns1 named[4396]: dns_sdlz_putrr returned error. Error code
was: unexpected end of input
Mar 14 10:38:59 dns1 named[4396]: dns_rdata_fromtext: buffer-0xbfaeb520:1:
near eof: unexpected end of input
Mar 14 10:38:59 dns1 named[4396]: dns_sdlz_putrr returned error. Error code
was: unexpected end of input


**********************************
Khaled J. Hussein 
System Administrator           
Palnet Communications Ltd.
Hadara Technologies
http://www.palnet.com 
khaled at palnet.com
Tel.02/2403434. Fax.02/2403430 
**********************************


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf
Of Danny Mayer
Sent: Monday, March 13, 2006 4:36 AM
To: Barry Margolin
Cc: comp-protocols-dns-bind at isc.org
Subject: Re: Zone Transfer

Barry Margolin wrote:
> In article <dv0qpl$2f70$1 at sf1.isc.org>,
>  "Khaled Hussein" <khaled at palnet.com> wrote:
> 
>> Hi All 
>>  
>>
>> I have installed BIND DLZ and it is working fine but I have one problem
in
>> defining slave zones on my master server, I tried to add it in database
but
>> with no luck so I added it in the named.conf file but I still cannot get
the
>> zone on the server, I mean the server cannot transfer the zone and I
cannot
>> fine any logs even in my master server or in new one 
>>
>>  
>>
>> i add the new server IP address in the allow-transfer but with no luck 
> 
> On which server did you add this?  This should be on the master, not the 
> slave.
> 
>> I have tow DNS servers one as master and the other is slave, what is the
>> configuration should I put on both to work properly, the zone can
>> transferred from master to slave 
> 
> The master should have a "master" statement, the slave should have a 
> "slave" statement.  There are examples in the DNS & BIND book that show 
> exactly how they should look.
> 
>> And in the new server when I tried to run named.reload or other commands
I
>> got error message 
>>
>>  
>>
>> dns1# named.reload
>>
>> rndc: connect failed: connection refused
> 
> This usually means named isn't running.  Check your log to see why it's 
> crashing.
> 

Not really. It just means that named may not be listening on the port
that rndc is specified to use. There can be a number of different
reasons for that only one of which is that named is not running.

> Maybe you could post your named.conf files from the master and slave and 
> we can tell what's wrong.
> 

And the syslog files.

Danny

More information about the bind-users mailing list