Bind master keeps saying it is not authoritative

Xavier Humbert xavier.humbert at ac-nancy-metz.fr
Thu Mar 2 08:32:51 UTC 2017 

Hello, I cannot fix a master/slave problem on RHEL7 with bind 9.9.4. It
is a server in building process, in a LAN, so I cannot use tools like
Zonecheck. Please note that my boss explicitely asked me to anonymize
the zone name. I know this is useless.

I can provide named.conf files for both servers, but basically, I
disabled (commented out) all security related options, and added "any"
to all acls. The zones declaration are double checked :

Master :
zone "myzone.fr" {
        type master;
        file "/etc/named/internal/myzone.fr";
        allow-transfer {my-slaves; };
};

Slave :
zone "myzone.fr" {
        type slave;
        file "/etc/named/slave/myzone.fr.db";
        masters {172.29.16.135; };
};


When I initiate a zone transfer manually it works :

[root at slave etc]# dig @master axfr myzone.fr

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> @master axfr myzone.fr
; (1 server found)
;; global options: +cmd
myzone.fr. 86400 IN     SOA     master.myzone.fr. dnsmaster.myzone.fr. 2017021602 28800 7200 604800 86400
...etc...


But, in normal operation (all zones loaded OK), when I look at the
master I got this :

xfer-out: info: client 172.29.16.133#57190 (myzone.fr): bad zone transfer request: 'myzone.fr/IN': non-authoritative zone (NOTAUTH)


And on the slave :

general: info: zone myzone.fr/IN: refresh: unexpected rcode (REFUSED) from master 172.29.16.135#53 (source 0.0.0.0#0)
general: info: zone myzone.fr/IN: Transfer started.
xfer-in: info: transfer of 'myzone.fr/IN' from 172.29.16.135#53: connected using 172.29.16.133#53836
xfer-in: error: transfer of 'myzone.fr/IN' from 172.29.16.135#53: failed while receiving responses: NOTAUTH
xfer-in: info: transfer of 'myzone.fr/IN' from 172.29.16.135#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)


I'm really lost. I've configured dozens of DNSs with no such problems.
Did I miss something obvious ?

Thanks in advance,

Xavier

-- 
Xavier Humbert
CRT Supervision et Exploitation de Niveau 1
Rectorat de Nancy-Metz
03 83 86 27 39

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170302/84cfa8a2/attachment.html>

More information about the bind-users mailing list