Bind master keeps saying it is not authoritative
Xavier Humbert
xavier.humbert at ac-nancy-metz.fr
Thu Mar 2 08:32:51 UTC 2017
Hello, I cannot fix a master/slave problem on RHEL7 with bind 9.9.4. It
is a server in building process, in a LAN, so I cannot use tools like
Zonecheck. Please note that my boss explicitely asked me to anonymize
the zone name. I know this is useless.
I can provide named.conf files for both servers, but basically, I
disabled (commented out) all security related options, and added "any"
to all acls. The zones declaration are double checked :
Master :
zone "myzone.fr" {
type master;
file "/etc/named/internal/myzone.fr";
allow-transfer {my-slaves; };
};
Slave :
zone "myzone.fr" {
type slave;
file "/etc/named/slave/myzone.fr.db";
masters {172.29.16.135; };
};
When I initiate a zone transfer manually it works :
[root at slave etc]# dig @master axfr myzone.fr
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> @master axfr myzone.fr
; (1 server found)
;; global options: +cmd
myzone.fr. 86400 IN SOA master.myzone.fr. dnsmaster.myzone.fr. 2017021602 28800 7200 604800 86400
...etc...
But, in normal operation (all zones loaded OK), when I look at the
master I got this :
xfer-out: info: client 172.29.16.133#57190 (myzone.fr): bad zone transfer request: 'myzone.fr/IN': non-authoritative zone (NOTAUTH)
And on the slave :
general: info: zone myzone.fr/IN: refresh: unexpected rcode (REFUSED) from master 172.29.16.135#53 (source 0.0.0.0#0)
general: info: zone myzone.fr/IN: Transfer started.
xfer-in: info: transfer of 'myzone.fr/IN' from 172.29.16.135#53: connected using 172.29.16.133#53836
xfer-in: error: transfer of 'myzone.fr/IN' from 172.29.16.135#53: failed while receiving responses: NOTAUTH
xfer-in: info: transfer of 'myzone.fr/IN' from 172.29.16.135#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
I'm really lost. I've configured dozens of DNSs with no such problems.
Did I miss something obvious ?
Thanks in advance,
Xavier
--
Xavier Humbert
CRT Supervision et Exploitation de Niveau 1
Rectorat de Nancy-Metz
03 83 86 27 39
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170302/84cfa8a2/attachment.html>
More information about the bind-users
mailing list