Secondary DNS Issues
Bryce Fischer
setup the following zone from my primary NS:
(named.conf.local)
zone "gwatdesigns.com" {
type master;
file "/etc/bind/zones/gwatdesigns.com.db";
allow-transfer {
87.98.164.164; 195.234.42.1;
};
};
where the two IP addresses are those given by xname.org for secondary
NS.
The only error I"m seeing in syslog is:
Dec 22 09:44:38 jupiter named[5209]: client 87.98.164.164#45789: zone
transfer 'gwatdesigns.com/AXFR/IN' denied
Configuration on XName seem pretty straight forward. I set the
following form fields:
Primary Nameserver IP: 207.192.71.243
Allow Transfers From: Master Only
Not sure what else to look for. It seems to me that I have the master
setup correctly, but I'm willing to bet I've forgotten something that
is probably obvious.
Thanks
_______________________________________________
bind-users mailing list
bind-...@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Bryce Fischer
> I'm trying to use xname.org to use as secondary DNS servers. I have
> setup the following zone from my primary NS:
>
> (named.conf.local)
>
> zone "gwatdesigns.com" {
> =A0 =A0 =A0 =A0 file "/etc/bind/zones/gwatdesigns.com.db";
> =A0 =A0 =A0 =A0 allow-transfer {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 87.98.164.164; 195.234.42.1;
> =A0 =A0 =A0 =A0 };
>
> };
>
> where the two IP addresses are those given by xname.org for secondary
> NS.
>
> The only error I"m seeing in syslog is:
>
> Dec 22 09:44:38 jupiter named[5209]: client 87.98.164.164#45789: zone
> transfer 'gwatdesigns.com/AXFR/IN' denied
>
> Configuration on XName seem pretty straight forward. I set the
> following form fields:
>
> Primary Nameserver IP: 207.192.71.243
> Allow Transfers From: Master Only
>
> Not sure what else to look for. It seems to me that I have the master
> setup correctly, but I'm willing to bet I've forgotten something that
> is probably obvious.
As it may be applicable, this is the result from
root@jupiter:/etc# dig @ns1.berzerker-soft.com gwatdesigns.com axfr
; <<>> DiG 9.4.2-P1 <<>> @ns1.berzerker-soft.com gwatdesigns.com axfr
; (1 server found)
;; global options: printcmd
; Transfer failed.
Which is also the results from the xname.org log file.
Kirk
> On Dec 22, 9:52 am, Bryce Fischer <br...@berzerker-soft.com> wrote:
>> I'm trying to use xname.org to use as secondary DNS servers. I have
>> setup the following zone from my primary NS:
>>
>> (named.conf.local)
>>
>> zone "gwatdesigns.com" {
>> type master;
>> file "/etc/bind/zones/gwatdesigns.com.db";
>> allow-transfer {
>> 87.98.164.164; 195.234.42.1;
>> };
>>
>> };
>>
>> where the two IP addresses are those given by xname.org for secondary
>> NS.
>>
>> The only error I"m seeing in syslog is:
>>
>> Dec 22 09:44:38 jupiter named[5209]: client 87.98.164.164#45789: zone
>> transfer 'gwatdesigns.com/AXFR/IN' denied
>>
>> Configuration on XName seem pretty straight forward. I set the
>> following form fields:
>>
>> Primary Nameserver IP: 207.192.71.243
>> Allow Transfers From: Master Only
>>
>> Not sure what else to look for. It seems to me that I have the master
>> setup correctly, but I'm willing to bet I've forgotten something that
>> is probably obvious.
>
> root@jupiter:/etc# dig @ns1.berzerker-soft.com gwatdesigns.com axfr
>
> ; <<>> DiG 9.4.2-P1 <<>> @ns1.berzerker-soft.com gwatdesigns.com axfr
> ; (1 server found)
> ;; global options: printcmd
> ; Transfer failed.
>
> Which is also the results from the xname.org log file.
Are you certain your configs are the same on your ns1 and
ns2.berzerker-soft.com.
I am able to do zone transfers from your ns2 just fine but not ns1.
dig @NS2.BERZERKER-SOFT.COM. gwatdesigns.com. axfr
; <<>> DiG 9.5.0-P2 <<>> @NS2.BERZERKER-SOFT.COM. gwatdesigns.com. axfr
; (1 server found)
;; global options: printcmd
gwatdesigns.com. 1500 IN SOA ns1.berzerker-soft.com.
root.gwatdesigns.com. 2008120302 28800 3600 604800 38400
gwatdesigns.com. 1500 IN A 207.192.71.243
gwatdesigns.com. 1500 IN NS ns1.berzerker-soft.com.
gwatdesigns.com. 1500 IN NS ns2.berzerker-soft.com.
gwatdesigns.com. 1500 IN MX 10 mail.gwatdesigns.com.
gwatdesigns.com. 1500 IN MX 1 ASPMX.L.GOOGLE.COM.
gwatdesigns.com. 1500 IN MX 5 ALT1.ASPMX.L.GOOGLE.COM.
gwatdesigns.com. 1500 IN MX 5 ALT2.ASPMX.L.GOOGLE.COM.
gwatdesigns.com. 1500 IN MX 10 ASPMX2.GOOGLEMAIL.COM.
gwatdesigns.com. 1500 IN MX 10 ASPMX3.GOOGLEMAIL.COM.
gwatdesigns.com. 1500 IN MX 10 ASPMX4.GOOGLEMAIL.COM.
calendar.gwatdesigns.com. 1500 IN CNAME ghs.google.com.
docs.gwatdesigns.com. 1500 IN CNAME ghs.google.com.
ftp.gwatdesigns.com. 1500 IN A 207.192.71.243
mail.gwatdesigns.com. 1500 IN CNAME ghs.google.com.
ssh.gwatdesigns.com. 1500 IN A 207.192.71.243
www.gwatdesigns.com. 1500 IN A 207.192.71.243
gwatdesigns.com. 1500 IN SOA ns1.berzerker-soft.com.
root.gwatdesigns.com. 2008120302 28800 3600 604800 38400
Bryce Fischer
On Dec 22, 10:38=A0am, Kirk <b...@kirkb.net> wrote:
> Bryce Fischer wrote:
> > On Dec 22, 9:52 am, Bryce Fischer <br...@berzerker-soft.com> wrote:
> >> I'm trying to use xname.org to use as secondary DNS servers. I have
> >> setup the following zone from my primary NS:
>
> >> (named.conf.local)
>
> >> zone "gwatdesigns.com" {
> >> =A0 =A0 =A0 =A0 type master;
> >> =A0 =A0 =A0 =A0 file "/etc/bind/zones/gwatdesigns.com.db";
> >> =A0 =A0 =A0 =A0 allow-transfer {
> >> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 87.98.164.164; 195.234.42.1;
> >> =A0 =A0 =A0 =A0 };
>
> >> };
>
> >> where the two IP addresses are those given by xname.org for secondary
> >> NS.
>
> >> The only error I"m seeing in syslog is:
>
> >> Dec 22 09:44:38 jupiter named[5209]: client 87.98.164.164#45789: zone
> >> transfer 'gwatdesigns.com/AXFR/IN' denied
>
> >> Configuration on XName seem pretty straight forward. I set the
> >> following form fields:
>
> >> Primary Nameserver IP: 207.192.71.243
> >> Allow Transfers From: Master Only
>
> >> Not sure what else to look for. It seems to me that I have the master
> >> setup correctly, but I'm willing to bet I've forgotten something that
> >> is probably obvious.
>
> > As it may be applicable, this is the result from
> > root@jupiter:/etc# dig @ns1.berzerker-soft.com gwatdesigns.com axfr
>
> > ; <<>> DiG 9.4.2-P1 <<>> @ns1.berzerker-soft.com gwatdesigns.com axfr
> > ; (1 server found)
> > ;; global options: =A0printcmd
> > ; Transfer failed.
>
> > Which is also the results from the xname.org log file.
>
> Are you certain your configs are the same on your ns1 and
> ns2.berzerker-soft.com.
ns2 was originally supposed to be the slave, and ns1 was the master.
I'm moving from ns2 because they are on the same network, and was
hoping to use xname to provide secondary DNS.
> I am able to do zone transfers from your ns2 just fine but not ns1.
But, this brings up the other issue I was moving from NS2 as a slave.
It was having issues retrieving zone information from NS1, and I had
thought it was an issue with NS2. For the domain in question, it would
always retrieve an older version of the zone record, no matter if the
primary serial was greater than the slave. This is the configuration
for the domain on NS2:
zone "gwatdesigns.com" {
type slave;
file "/etc/bind/zones/gwatdesigns.com.db";
masters { 207.192.71.243; };
};
where 207.192.71.243 is the IP address of the NS1.
> dig @NS2.BERZERKER-SOFT.COM. gwatdesigns.com. axfr
<snip response from NS2.berzerker-soft.com>
After you posted this, I realized I should check the other domains I
am hosting to see if it was the configuration of this particular
domain.
dig @ns1.berzerker-soft.com sebringfans.com axfr
returns the correct information for this domain, so I am going to try
to see what might be different about the two domain records on the
primary server.
Thanks again for the response.