bind and strange error (8.0 w bind 9.2)
Hi, I am not sure if this is related to bind, SuSE security or some strange configuration that I should not be trying to do. Here is the scenario: Master Bind 9.2 on SuSE 8.0 (up to date on all packages as of today) Lives in IP address block of 64.x.x.x (co location facility) - not sure if this is an issue though. Slave Bind 9.2 on Mandrake 8.2 (also up to date) Lives in IP address block of 209.x.x.x (main location) No matter what I try, even with the following in the named.conf on the SuSE box, I still get errors on the slave saying "transfer denied from 64.x.x.x:53" On the SuSE box, it also throws in the error: client::ffff:209.117.10.10#33136: zone transfer denied Am I missing something here? I own this domain and the primary and secondary servers are registered as such with the NIC. I used to run them as both being "masters" but am tired of maintaining the files. But I just can't get the silly things to update the slave. Any bind experts out there? Or am I missing something in the setup on the host security wise? thanks Kat ------------------------------- (excerpt from master) zone "xyz.com" { type master; file "db.xyz"; notify yes; allow-transfer { 209.117.10.10; }; also-notify { 209.117.10.10; }; ------------------------------- (excerpt from slave) zone "xyz.com" { type slave; file "/var/named/db.xyz"; masters { 64.x.x.x; };
* kathee (kat@ezunx.com) [021105 05:37]:
------------------------------- (excerpt from master)
zone "xyz.com" { type master; file "db.xyz"; notify yes; allow-transfer { 209.117.10.10; }; also-notify { 209.117.10.10; };
------------------------------- (excerpt from slave) zone "xyz.com" { type slave; file "/var/named/db.xyz"; masters { 64.x.x.x; };
These snippets are fine, are there any other syntax errors logged to /var/log/messages when starting named? -- -ckm
Just this: (on the slave) transfer of 'xyz.com/IN' from 64.x.x.x#53: failed while receiving responses: REFUSED On Tue, 2002-11-05 at 12:16, Christopher Mahmood wrote:
* kathee (kat@ezunx.com) [021105 05:37]:
------------------------------- (excerpt from master)
zone "xyz.com" { type master; file "db.xyz"; notify yes; allow-transfer { 209.117.10.10; }; also-notify { 209.117.10.10; };
------------------------------- (excerpt from slave) zone "xyz.com" { type slave; file "/var/named/db.xyz"; masters { 64.x.x.x; };
These snippets are fine, are there any other syntax errors logged to /var/log/messages when starting named?
--
-ckm
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
* kathee (kat@ezunx.com) [021105 09:53]:
Just this:
(on the slave)
transfer of 'xyz.com/IN' from 64.x.x.x#53: failed while receiving responses: REFUSED
Do you have a firewall in front of the nameserver? If so, you'll need to allow access to high udp ports and 53. -- -ckm
nope. n Tue, 2002-11-05 at 13:13, Christopher Mahmood wrote:
* kathee (kat@ezunx.com) [021105 09:53]:
Just this:
(on the slave)
transfer of 'xyz.com/IN' from 64.x.x.x#53: failed while receiving responses: REFUSED
Do you have a firewall in front of the nameserver? If so, you'll need to allow access to high udp ports and 53.
--
-ckm
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
* kathee (kat@ezunx.com) [021105 10:34]:
transfer of 'xyz.com/IN' from 64.x.x.x#53: failed while receiving responses: REFUSED
Do you have a firewall in front of the nameserver? If so, you'll need to allow access to high udp ports and 53. nope.
Well, something is blocking port 53 on the master and it's not your bind configuration (unless there's something you aren't showing since you haven't posted the full configuration of the master). You haven't given the IPs so there's no way for anyone check. -- -ckm
participants (2)
-
Christopher Mahmood
-
kathee