AXFR no auth - but transfer allowed

Jim Reid jim at
Sun Mar 26 21:40:56 UTC 2000

>>>>> "Ulrich" == Ulrich Wisser <u.wisser at> writes:

    Ulrich> Hello, I try to register my reverse address domain with
    Ulrich> Deutsche Telekom.  Therefor I configured the following
    Ulrich> zone:

	zone "" in {
		type master;
	        file "";
	        allow-query { any; };
	        allow-transfer{;       #
	              ;     #
	              ;       # Reverse Nameserver
	              ;       # Diagnose DTAG ZID Muenster
	              ;      # Diagnose DTAG NOC
	              ;      # Diagnose DTAG NIC
	              ;      # Nameservertest DTAG NIC

    Ulrich> But when I send my registration the Testnameserver is
    Ulrich> denied transfer. That is what my named says:

    Ulrich> 23-Mar-2000 10:42:48.684 security: notice: unapproved AXFR
    Ulrich> from [].54864 for ""
    Ulrich> (not auth)

    Ulrich> What is wrong?

If the zone statement is *exactly* like it was shown above, then
there's another syntax error. "" will
not be part of a comment as you presumably intended. Everything from a
hash character '#' to the end of a line is treated as a comment, but
the string is on another
line. This'll mean the name server is treating it as a syntactic token
and getting rather upset because it's neither a dotted decimal IP
address or statement terminator that it's expecting. The name server
will have complained about this error when it read named.conf. [Did
you read the logs?] The parser will probably have had to ignore
everything after that error until it found the end of the zone{}

BTW, there's no white space between the "allow-transfer" keyword and
the opening brace '{'. This is probably not a good idea, even though
named's parser allows it. Your use of white space has made things
*less* easier to read and introduced a syntax error.

More information about the bind-users mailing list