secoundary ns - not authoritative

Gaebel Michael (MGI DCS) Gaebel at mgi.de
Thu Aug 15 16:49:47 UTC 2002


Hello you have to say, that he is a scondary:

zone "example.com" IN {
  type slave;
  file "filename
  masters port 53 {
    master-ip-adress
  };
};

-----Original Message-----
From: Alexander Newald [mailto:alexander at newald.de] 
Sent: Thursday, August 15, 2002 4:48 PM
To: comp-protocols-dns-bind at isc.org
Subject: secoundary ns - not authoritative


Hello,

with the help and information of all of you I setup a primary and secoundary
ns with bind (9.2.1).

But I run into a problem. Whenever the primary sends a zone transfer to the
secoundary the 2nd tells the it is not authoritative for the zone. Ok, bind
is right. I do not have a zone file for the zone that should be updated with
tone transfer.

How can I tell bind the it should be authoritative for all zones with
zonetransfers from on ip?

my named.conf of the secoundary looks like:

acl localnet    {
        192.168.1.0/24;
        127.0.0.1;
        };


options {
        directory "/etc/bind";
        pid-file "/etc/bind/named.pid";
        dump-file "/etc/bind/named.database.db";
        statistics-file "/etc/bind/named.stats";
        max-transfer-time-in 15;
        max-transfer-idle-in 7;
        max-transfer-time-out 15;
        max-transfer-idle-out 7;
        transfers-in 10;
        transfers-out 10;
        serial-query-rate 25;
        files 512;
        recursive-clients 256;
        tcp-clients 256;
        max-cache-size 10485760;
        cleaning-interval 10;
        allow-notify { localnet; };
        };

zone "teddy" {
        type master;
        allow-query {
                localnet;
        };
        allow-transfer {
                localnet;
        };
        file "/opt/bind-9.2.1/etc/teddy.hosts";
        };

zone "." {
        type hint;
        file "/opt/bind-9.2.1/etc/db.cache";
        };

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/opt/bind-9.2.0/etc/192.168.1.rev";
        };

key "rndc-key" {
      algorithm hmac-md5;
      secret "************************";
};

controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1;  } keys { "rndc-key"; };
};


Thanks,

Alexander Newald





More information about the bind-users mailing list