Problems with ACLs in BIND 8.2.3? What am I doing wrong?

Vigeant, Wayne Wayne.Vigeant at compaq.com
Wed May 23 20:52:28 UTC 2001


You need a ";" after the ACL name inside the braces of each zone
statement in your named.conf (external.conf). This is true for both
allow-transfer and also-notify, and you do need the quotes around the
ACL names:

// Master zone for example.com, loaded from example.external.zone.
zone "example.com" IN {
  type master;
  file "example.external.zone";
  check-names fail;
  // Dynamic updates are refused from every source.
  allow-update { none; };
  // Every element inside the braces ends with ";", including the last one
  // before the closing brace. Zone transfers are limited to the addresses
  // in the "externaldns" ACL. That is a source-address check only; where the
  // BIND version supports TSIG keys in address match lists, a key
  // authenticates the secondary more strongly.
  allow-transfer { "externaldns"; };
  // NOTE(review): also-notify is documented as a plain list of IP addresses,
  // not an address match list, so an ACL name may still be rejected here.
  // Confirm against the documentation for your version; if it is rejected,
  // list the secondaries' addresses explicitly.
  also-notify { "externaldns"; };
 };
 
// Master reverse zone 232.70.10.in-addr.arpa.
zone "232.70.10.in-addr.arpa" in {
  type master;
  // NOTE(review): the file name says 217.70.10 while the zone is 232.70.10.
  // Confirm that this is the intended zone file.
  file "217.70.10.zone";
  check-names fail;
  // Dynamic updates are refused from every source.
  allow-update { none; };
  // The trailing ";" after the ACL name is required. Zone transfers are
  // limited to source addresses matching the "externaldns" ACL.
  allow-transfer { "externaldns"; };
  // NOTE(review): also-notify is documented as a list of IP addresses rather
  // than an address match list, so an ACL name may not be accepted here.
  // Confirm for your version, and use explicit addresses if it is rejected.
  also-notify { "externaldns"; };
 };


- Wayne


> 
> 
> When I start the DNS with this is what I get in the log:
> 
> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.notice] starting
> (/var/dns/PSNLbind8/external/external.conf).  named 8.2.3-REL Thu Feb 
> 1 21:05:18 MET 2001 May 23 14:54:59 dns01
> paulz at seldoff:/home/paulz/src/sol26/bind-8.2.3/src/bin/named May 23
> 14:54:59 dns01 named[23570]: [ID 295310 daemon.error]
> /var/dns/PSNLbind8/external/external.conf:50: syntax error near
> "externaldns" May 23 14:54:59 dns01 named[23570]: [ID 295310
> daemon.error] /var/dns/PSNLbind8/external/external.conf:51: syntax
> error near '}' May 23 14:54:59 dns01 named[23570]: [ID 295310
> daemon.error] /var/dns/PSNLbind8/external/external.conf:59: syntax
> error near "externaldns" May 23 14:54:59 dns01 named[23570]: [ID
> 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:60:
> syntax error near '}' May 23 14:54:59 dns01 named[23571]: [ID 295310
> daemon.notice] Ready to answer queries.
> 
> Here is a copy of the named.conf file (or, external.conf in this
> case):
> 
> -START-
> // This is a configuration file for named (from BIND 8.1 or later). //
> It would normally be installed as /etc/named.conf.
> 
> acl "internaldns" {
>  10.1.1.10; 10.1.1.11;
> };
> 
> acl "externaldns" {
>  10.1.2.10; 10.1.2.11;
> };
> 
> options {
>  directory "/var/dns/PSNLbind8/external";
>  dump-file "external_dump.db";
>  pid-file "external_named.pid";
>  check-names master warn;		/* default. */
>  datasize 20M;
>  recursion no;
>  fetch-glue no;
>  listen-on { 10.1.2.1; };
>  version "secret";
> };
> 
> controls {
>         unix "/var/run/PSNLbind8/ndc.d/external.ndc" perm 0770 owner
>         210 
> group 40 ;
> };
> 
> zone "localhost" IN {
>  type master;
>  file "localhost.zone";
>  check-names fail;
>  allow-update { none; };
>  allow-transfer { none; };
> };
> 
> zone "0.0.127.in-addr.arpa" IN {
>  type master;
>  file "127.0.0.zone";
>  check-names fail;
>  allow-update { none; };
>  allow-transfer { none; };
> };
> 
> zone "example.com" IN {
>  type master;
>  file "example.external.zone";
>  check-names fail;
>  allow-update { none; };
>  allow-transfer { "externaldns" };
>  also-notify { "externaldns" };
> };
> 
> zone "232.70.10.in-addr.arpa" in {
>  type master;
>  file "217.70.10.zone";
>  check-names fail;
>  allow-update { none; };
>  allow-transfer { "externaldns" };
>  also-notify { "externaldns" };
> };
> -STOP-

