also-notify and allow-notify

Blason R blason16 at gmail.com
Fri May 18 08:28:37 UTC 2018 

Thats correct taht worked for me and checking further now.

On Fri, May 18, 2018 at 1:23 PM, Warren Kumari <warren at kumari.net> wrote:

> On Fri, May 18, 2018 at 9:41 AM Blason R <blason16 at gmail.com> wrote:
>
> > Hi there,
>
> > Thanks for the update and here is my config and error I am getting. Can
> you please suggest correct method that should be implemented?
>
>
> I believe (but don't have a machine to confirm on) that the syntax should
> be:
>
> also-notify { 192.168.5.49 port 4444;};
>
> (note the lack of semicolon between the IP and "port 4444")
>
> W
>
>
> > **************************
> > zone "malware.trap" {
> >          type master;
> >          file "/var/lib/bind/zones/malware.trap.db";
> >          notify explicit;
> >          also-notify { 192.168.5.49; port 4444;};
> >          allow-transfer {192.168.5.49; };
> >          allow-query { localhost;};
> >          };
>
> > zone "whitelist.allow" {
> >          type master;
> >          file "/var/lib/bind/zones/whitelist.allow";
> >          notify explicit;
> >          also-notify { 192.168.5.49; port 4444;};
> >          allow-transfer {192.168.5.49; };
> >          allow-query { localhost;};
> >          };
>
> > zone "block.tld" {
> >          type master;
> >          file "/var/lib/bind/zones/block.tld.db";
> >          notify explicit;
> >          also-notify { 192.168.5.49; port 4444;};
> >          allow-transfer {192.168.5.49; };
> >          allow-query { localhost;};
> >          };
>
> > **********************************
>
>
>
> > May 18 13:04:42 dnsfw named[1134]: using up to 4096 sockets
> > May 18 13:04:45 dnsfw named[1134]: loading configuration from
> '/etc/bind/named.conf'
> > May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-
> zones:34:
> missing ';' before '4444'
> > May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-
> zones:43:
> missing ';' before '4444'
> > May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-
> zones:52:
> missing ';' before '4444'
> > May 18 13:04:46 dnsfw systemd[1]: bind9.service: Main process exited,
> code=exited, status=1/FAILURE
> > May 18 13:04:46 dnsfw rndc[1313]: rndc: connect failed: 127.0.0.1#953:
> connection refused
> > May 18 13:04:46 dnsfw systemd[1]: bind9.service: Control process exited,
> code=exited status=1
>
>
> > On Fri, May 18, 2018 at 12:08 AM, Matthew Pounsett <matt at conundrum.com>
> wrote:
>
>
>
> >> On 17 May 2018 at 13:30, Blason R <blason16 at gmail.com> wrote:
>
> >>> Hi,
>
> >>> I have RPZ installed on server and its acting as a master server but
> somehow port setting is not working on master
>
> >> [...]
>
>
> >>> So here I am sending notification  to 192.168.5.49 on port 4545; my
> queries are
>
> >>> How do I configure port on slave 4545 so that slave server can start
> listening on that port.
>
>
> >> Your slave needs to be listening on the correct IP/port to receive the
> NOTIFY.  In the current BIND Administrator's Reference Manual[0], the
> discussion on Interfaces starts at page 98.
>
>
> >>> And my master is failing  after restarting the services due to
> notify-them statement.
>
>
> >> You don't indicate what the error is, but I'm willing to bet it's the
> fact that you're trying to specify a masters list by name as well as a
> port.  If you look at the 'also-notify' statement definition, you can see
> that you're able to use a 'masters' list OR an IP address and port
> combination, but not both (ARM pp. 71).  You should specify the port number
> as part of the definition of the masters list, not where you use the
> masters list.
>
> >> [0]: <https://www.isc.org/bind-9-11-arm/>
>
>
>
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> --
> I don't think the execution is relevant when it was obviously a bad idea in
> the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair of
> pants.
>     ---maf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180518/f1c55926/attachment.html>

More information about the bind-users mailing list