allow-transfer not covering ixfr requests?
Torsten Segner
torsten at segner.eu
Wed Sep 28 10:44:30 UTC 2011
Am Tue, 27 Sep 2011 22:03:44 +0200
schrieb "Tom Schmitt" <TomSchmitt at gmx.de>:
>
> >
> > The odd part is that both NS3 and NS4 weren't able to request ixfr
> > transfers.
> > Shouldn't allow-transfer cover these kind of transfer requests as well?
> >
>
>
> First: Do you have statements "provide ixfr;" and "request ixfr;" in your config?
>
> Second: To do a ixfr a server is first sending a query for the SOA of the zone to determine if a update is necessary. If your servers aren't allowed to do a query, how should they get the SOA? And without a SOA, you don't have the serial number of the zone, so you can't do IXFR.
>
Silly me... I forgot about the SOA requests triggered by a manual ixfr. :(
Ciao
Torsten
More information about the bind-users
mailing list