Does "allow-transfer" work properly?
AM
am at am.am
Wed Oct 4 18:07:03 UTC 2006
Hi guys,
I have a nameserver with the IP address = 15.113.159.60 and the following named.conf
## named.conf - configuration for bind
#
# Generated automatically by bindconf, alchemist et al.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/etc/rndc.key";
options {
directory "/var/named/";
};
[CUT]
zone "rcs.xt" {
type slave;
file "rcs.xt.zone";
masters { 112.124.16.162; };
allow-transfer { 15.113.159.60; };
};
I didn't write the named.conf but it seems to me that the master can allow transfers only from itself. Obviously it's
not required to ask the zone rcs.xt from itself but from the master. That rule applies just for that zone. The others
can be pulled by anyone (ok it's not securing and I'm about to put a full stop to this behavior). For me the rule
written above doesn't make sense.
Then, there is another server that acts as total backup for all the zones of 15.113.159.60 (included rcs.xt)
What it's weird to me is that the second one gets always an update list of the zone even if shouldn't! (I check it
looking at the timestamp of the file on the second server). I didn't checked by adding or removing hosts in that zone on
112.124.16.162.
BTW I can not access 112.124.16.162.
Am I using the wrong method to see if "allow-transfer" does its job properly or is there anything I'm missing?
TIA
Alex.
More information about the bind-users
mailing list