What to report for "refresh: failure trying master ... operation canceled" bug?
schilling
schilling2006 at gmail.com
Tue Nov 22 00:02:11 UTC 2016
added both tcp and udp port 53, still seeing the log messages.
Best,
Shiling
On Mon, Nov 21, 2016 at 5:45 PM, Anand Buddhdev <anandb at ripe.net> wrote:
> On 22/11/2016 00:27, schilling wrote:
>
> > Thanks for the insight.
> > I added the following rule
> > sudo firewall-cmd --permanent --direct --get-all-rules
> > [sudo] password for admin:
> > ipv4 filter OUTPUT 0 -d 10.10.10.100 -p tcp -m tcp --dport=53 -j ACCEPT
> > where 10.10.10.100 is our DNS master, still receiving the error.
>
> Why have you only allowed TCP port 53? What about UDP port 53? BIND
> first sends a UDP query to the master for the zone's SOA record, to
> determine if it needs to transfer the zone or not.
>
> Regards,
> Anand
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20161121/05a1db6b/attachment.html>
More information about the bind-users
mailing list