Zone Transfer issue on BIND9

Jeremy C. Reed jreed at isc.org
Fri Aug 24 13:39:19 UTC 2012


On Fri, 24 Aug 2012, snoop at email.it wrote:

> view "internal" {

...
>         zone "1.16.172.in-addr.arpa" IN {
>                 type master;
>                 file "/etc/namedb/master/1.16.172.in-addr.arpa.ext.zone";

Previous zone file names in this same view were called "int". Why the 
filename change? (ext means "external" even though in the internal 
view?)

> ***SLAVE server (FreeBSD 9.0-RELEASE-p3 (amd64)|| BIND 9.8.1-P1)***

> key TSIG-KEY. {
...

>         allow-notify { 171.XX.YY.27; 10.0.0.15; };

>         listen-on { 171.XX.YY.27; 127.0.0.1; };

Is the allow-notify 171.XX.YY.27 address the same as the listen-on 
171.XX.YY.27 address? This is confusing as the allow-notify is a 
different server and listen-on is this server.

> view "internal" {
>         match-clients { !key TSIG-KEY; internal; datacentre; };

What defines that TSIG-KEY?  Notice it doesn't have the trailing period 
"TSIG-KEY." as defined earlier.

From your later email:

> Files are identical within the DOMAIN, not the VIEW.
> For example, on the slave server:
> DOMAIN01.eu.int.zone
> DOMAIN01.eu.ext.zone
> 
> are exactly the same (also same checksum)

Are they a copy of the internal or external view's zone on the master?

It is a little difficult to follow the configuration when using maybe 
fake IP addresses, fake zone names, and fake filenames. You may want to 
simplify your named.conf to bare minimum (two views and one zone each) 
for initial testing.


