A Zone Transfer Question

Darcy Kevin (FCA) kevin.darcy at fcagroup.com
Fri Feb 19 21:25:20 UTC 2016


As pointed out previously, however, with a 1-minute REFRESH, NOTIFY is pretty much a non-issue.

					- Kevin

-----Original Message-----
From: Darcy Kevin (FCA) 
Sent: Friday, February 19, 2016 4:25 PM
To: BIND Users
Subject: RE: A Zone Transfer Question

How do you suppose named knows where to send the NOTIFY messages? It's only "automatic" to the nameservers listed in the NS records of the zone. But you didn't list your slave, did you? I seem to recall there was only 1 NS record, and that's presumably the master...

										- Kevin

-----Original Message-----
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of David Li
Sent: Friday, February 19, 2016 3:56 PM
To: John Miller
Cc: BIND Users
Subject: Re: A Zone Transfer Question

Hi John,

Sorry I missed the options. I attached them below.

I didn't have allow-transfer, allow-notify and also-notify. I only have allow-query. I read somewhere that NOTIFY is automatic for all slave zones. Is this the problem?



For VM1 named.conf

options {

    directory "/var/named";
    allow-query {
       10.4.1/24;
       127.0.0.1;
    };

};

For VM2 named.conf

options {

    directory "/var/named";
    allow-query {
       10.4.3/24;
       127.0.0.1;
    };

};

On Fri, Feb 19, 2016 at 12:33 PM, John Miller <johnmill at brandeis.edu> wrote:
> Hi David,
>
> Something I'm not seeing in your config is an options {} block that 
> lays out your defaults for allow-transfer, allow-notify, also-notify, 
> etc.  Those are important things to know when it comes to 
> troubleshooting zone transfer issues.  Unless you've got a specific 
> reason for not doing so, please include your entire named.conf file - 
> it'll make life much easier.
>
> And if you've solved things already - ignore!
>
> John
>
> On Fri, Feb 19, 2016 at 2:01 PM, David Li <dlipubkey at gmail.com> wrote:
>> Hi John,
>>
>> Here are the files. They are all internal zones without any 
>> references to external name servers.
>>
>> VM1:
>> ====
>>
>> named.conf:
>> -------------
>>
>> #
>> # master (on VM1)
>> #
>> zone "rack1.com" {
>>     type master;
>>     file "/var/named/db.rack1.com";
>>     allow-update { key rndc-key-rack1; }; # For DHCP dynamic update 
>> };
>>
>> #
>> # slave (on VM2)
>> #
>> zone "rack3.com" {
>>     type slave;
>>     file "/var/named/bak.rack3.com";
>>     masters { 10.4.3.101; }; #VM3 named IP
>> };
>>
>>
>> zone file:
>> /var/named/db.rack1.com
>> -------------------------
>>
>> $ORIGIN .
>> $TTL 907200     ; 1 week 3 days 12 hours
>> rack1.com               IN SOA  dnsserver1.rack1.com. admin.rack1.com. (
>>                                 8          ; serial
>>                                 60         ; refresh (1 minute)
>>                                 60         ; retry (1 minute)
>>                                 604800     ; expire (1 week)
>>                                 3600       ; minimum (1 hour)
>>                                 )
>>                         NS      dnsserver1.rack1.com.
>> $ORIGIN rack1.com.
>> dnsserver1              A       10.4.1.101
>>
>> $TTL 3600       ; 1 hour
>> node1                   A       10.4.1.11
>>                         TXT     "007ddd47ea6ddcd890312de89e37bde496"
>> node2                   A       10.4.1.12
>>                         TXT     "316a8d5e65fbd9f853df6d90ad1f24ecac"
>> node3                   A       10.4.1.13
>>                         TXT     "009da8179478f9169cb47965e53d19f134"
>>
>> On VM2
>> =======
>>
>>
>>
>> named.conf file
>> ---------------
>>
>>
>>
>>
>> #
>> # Master
>> #
>> zone "rack3.com" {
>>     type master;
>>     file "/var/named/db.rack3.com";
>>     allow-update { key rndc-key-rack3; }; # For DHCP update
>> };
>>
>>
>> #
>> # Slave
>> #
>> zone "rack1.com" {
>>     type slave;
>>     file "/var/named/bak.rack1.com";
>>     masters { 10.4.1.101; }; # VM1 named IP address
>> };
>>
>>
>>
>>
>> zone file:
>> ----------
>>
>> $ORIGIN .
>> $TTL 907200     ; 1 week 3 days 12 hours
>> rack3.com               IN SOA  dnsserver3.rack3.com. admin.rack3.com. (
>>                                 2          ; serial
>>                                 60      ; refresh ()
>>                                 60       ; retry ()
>>                                 604800     ; expire (1 week)
>>                                 3600       ; minimum (1 hour)
>>                                 )
>>                         NS      dnsserver3.rack3.com.
>> $ORIGIN rack3.com.
>> dnsserver3              A       10.4.3.101
>> $TTL 3600       ; 1 hour
>> node1                   A       10.4.3.11
>>                         TXT     "001395d7d2a164c7efde811584bbc470b9"
>>
>>
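
The configuration change the replies above point to, as an added example that is not part of the original thread: the zone's only NS record is the master itself, so the slave has to be named in also-notify, and zone transfers are limited to that slave. Addresses, zone names and file paths are the ones posted in the thread; the same pattern applies in the other direction for rack3.com.

```conf
// ---- VM1 (10.4.1.101): master for rack1.com ----
options {
    directory "/var/named";
    allow-query {
       10.4.1/24;
       127.0.0.1;
       10.4.3.101;      // VM2: its SOA refresh checks are ordinary queries
    };
    allow-transfer { none; };   // no AXFR/IXFR unless a zone opts in below
};

zone "rack1.com" {
    type master;
    file "/var/named/db.rack1.com";
    allow-update { key rndc-key-rack1; };   // For DHCP dynamic update
    also-notify { 10.4.3.101; };     // VM2 is not in the NS RRset, so name it here
    allow-transfer { 10.4.3.101; };  // only the slave may pull the zone
};

// ---- VM2 (10.4.3.101): slave for rack1.com ----
zone "rack1.com" {
    type slave;
    file "/var/named/bak.rack1.com";
    masters { 10.4.1.101; };         // VM1 named IP address
    // NOTIFY from an address listed in masters is accepted by default;
    // allow-notify is only needed for additional senders.
};
```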