Trouble create slave zones

Chris Buxton cbuxton at menandmice.com
Mon Mar 31 17:44:00 UTC 2008


You didn't say whether the slave server is also behind the firewall.  
If it is, I would guess that the non-authoritative answer is coming  
from the firewall, not from the actual master server. What happens if  
you set the master server address in your zone statement to 192.168.1.1?

Chris Buxton
Professional Services
Men & Mice

On Mar 31, 2008, at 9:57 AM, Eric B. wrote:
> Hi,
>
> I'm trying to set up bind 9.2.4 to create slave zones on my machine for a
> bunch of dns zones.  The master is a Win2K Server running its built-in DNS
> (not Active Directory).
>
> My named.conf file lists the following:
> options {
>        directory "/var/named";
>        dump-file "/var/named/data/cache_dump.db";
>        statistics-file "/var/named/data/named_stats.txt";
>        zone-statistics yes;
>        notify yes; // notify the above IP's when a zone is updated
>        pid-file "/var/run/named/named.pid";
>        transfer-format many-answers; // Generates more efficient zone transfers
>        listen-on { any; };
> };
>
> include "/etc/rndc.key";
>
> zone "mydomain.biz.dns" IN { type slave; file "slaves/mydomain.biz.dns";
> masters { 198.20.1.1; }; };
>
>
> // Include logging config file
> include "/var/named/conf/logging.conf";
>
>
>
> However, if I look at /var/log/named/general.log, I see the following error
> messages:
> Mar 31 12:26:25.902 zone mydomain.biz.dns/IN: refresh: non-authoritative answer from master 198.20.1.1#53
>
> This is confusing me extremely.  If I check the configuration on the master
> server, the zone is configured as the primary server.  If it is of any help,
> I can also post the actual dns conf file for the zone on the W2K server.
>
> The only thing I can think of is that my zone's NS records point to my DNS
> server's public address, even though my DNS server is actually behind a
> firewall and has an internal address:
>
> ;    Zone NS records
> @                             NS    ns1.mydomain.biz
> ns1.mydomain.biz.    A        198.20.1.1
>
> But my primary server's address is actually 192.168.1.1 (and mapped to
> 198.20.1.1 through my firewall rules).
>
>
> Is this a configuration problem of bind, the Win2K server, or the actual
> zone information within the DNS server?
>
> Any help, ideas, suggestions would be greatly appreciated.
>
> Thanks,
>
> Eric
>
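Added example, not part of the original thread: named logs "refresh: non-authoritative answer from master" when the SOA reply to its refresh query arrives without the AA (authoritative answer) bit, which is what a device answering in the master's place would produce. The Python sketch below builds the same kind of non-recursive SOA query and classifies a reply from its header; the function names, the query ID and the sample replies are constructed for illustration.

```python
import socket
import struct

QID = 0x1234  # arbitrary query ID for this sketch

def build_soa_query(zone):
    """Non-recursive SOA query (RD=0), the kind a slave sends on refresh."""
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return struct.pack("!HHHHHH", QID, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", 6, 1)

def classify_refresh_reply(packet):
    """Header checks on a reply; AA clear means the responder does not own the zone."""
    if len(packet) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != QID or not flags & 0x8000:      # wrong ID or QR bit clear
        return "not a reply to our query"
    if flags & 0x000F:                        # RCODE other than NOERROR
        return f"rcode {flags & 0x000F}"
    if not flags & 0x0400:                    # AA bit clear
        return "non-authoritative answer"
    return "authoritative" if ancount else "no SOA in answer"

def sample_reply(flags, zone="mydomain.biz.dns"):
    """Constructed reply: echoed question plus one made-up SOA record."""
    query = build_soa_query(zone)
    soa = (b"\xc0\x0c" + struct.pack("!HHIH", 6, 1, 3600, 24) + b"\xc0\x0c\xc0\x0c"
           + struct.pack("!5I", 2008033101, 3600, 600, 86400, 3600))
    return query[:2] + struct.pack("!HHHHH", flags, 1, 1, 0, 0) + query[12:] + soa

def ask_master(master_ip, zone, timeout=3.0):
    """Live check: send the query over UDP/53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(zone), (master_ip, 53))
        return classify_refresh_reply(s.recv(512))

if __name__ == "__main__":
    # Constructed samples: 0x8400 = QR+AA (the real master), 0x8080 = QR+RA
    # (a caching or forwarding resolver answering in the master's place).
    for name, flags in (("master", 0x8400), ("resolver in the path", 0x8080)):
        print(f"{name}: {classify_refresh_reply(sample_reply(flags))}")
```

Run from the slave, `ask_master("198.20.1.1", "mydomain.biz.dns")` and `ask_master("192.168.1.1", "mydomain.biz.dns")` show which of the two addresses in the thread returns an authoritative reply.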


