unapproved AXFR..?

Barry Margolin barmar at genuity.net
Wed Jan 2 16:51:42 UTC 2002 

In article <a0s186$bnj at pub3.rc.vix.com>,
v.nagasrinivas <cheluvi at yahoo.com> wrote:
>       I am given domain extention from domain stph.net to
>yvlsw.stph.net
>for binding to one ip address 196.12.36.78 with network mask
>255.255.255.224
>(but the subnet is having 32 machines, out of one , as mentioned
>earlier, is allocated to me ). And NS and MX for my domain
>(yvlsw.stph.net) is mentioned to
>my machine connected to Internet..
>
>But i am getting the following error prints on my machine ( Which runs
>NetBSD 1.5)..
>
>yvlsw named[429]: unapproved AXFR from [196.12.36.78].65531 for
>"yvlsw.stph.net"
>(not master/slave).
>
>why these prints are coming..and also i could't send to my mail
>accounts on my

This message means that the machine 196.12.36.78 has the following in its
configuration:

zone "yvlsw.stph.net" {
  type slave;
  master { <your machine's address>; };
  ...
};

If your machine is supposed to be hosting DNS for this domain, it should be
configured as the master, not a slave.

Also, your machine doesn't seem to be connected to the network; it doesn't
respond to ping or DNS at all when I try to query it.

>domain..from outside..they are looping back and finally getting back
>with
>error message sent by postfix mail software..

Since you haven't configured your domain properly, the delegation doesn't
work.

>Here one more question is on a subnet can't we give a domain PTR to
>only one
>machine IP..and make it as dns server for the domain on the subnet,
>and having some other domains like that.. Could't be a wrong
>concept..?

The administrator of the 36.12.198.in-addr.arpa zone can put the following
in their reverse DNS:

78 IN NS yvlsw.yvlsw.stph.net.

On your server, you would put the following in named.conf:

zone "78.36.12.198.in-addr.arpa"
  type master;
  file "db.reverse";
};

and in db.reverse you would put:

@ IN SOA yvlsw.yvlsw.stph.net. cheluvi.yahoo.com. (
                  ... ; the usual SOA parameters
                  )
  IN NS yvlsw.yvlsw.stph.net.
  IN PTR yvlsw.yvlsw.stph.net.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list