BIND 9.2.1 refusing NOTIFY
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Fri Nov 8 23:36:00 UTC 2002
> 16:54:12.515168 62.177.1.105.53041 > 213.92.8.2.53: [udp sum ok] 3097 notify
> [b2&3=0x2400] SOA? linux.it. [|domain] (DF) (ttl 54, id 0, len 54)
> 16:54:12.515872 213.92.8.2.53 > 62.177.1.105.53041: [udp sum ok] 3097 notify
> Refused- q: SOA? linux.it. 0/0/0 (26) (DF) (ttl 64, id 0, len 54)
>
> options {
> ...
> allow-query { friends; };
> allow-recursion { friends; };
> allow-transfer { none; };
>
> match-mapped-addresses yes;
> listen-on-v6 { any; };
> listen-on { none; };
> }
>
> zone "linux.it" {
> type slave; file "linux.it";
> masters { 62.177.1.105; };
> allow-query { any; };
> allow-transfer { ... };
> };
>
> The config file looks right, what else can I check?
>
> I'm running BIND 9.2.1 on both hosts.
>
> Nothing appears in the log file, and if I force reloading the zone
> everything works ok:
>
> Nov 8 16:59:28 attila named[9315]: zone linux.it/IN: transfered serial 20021
> 10800
> Nov 8 16:59:28 attila named[9315]: transfer of 'linux.it/IN' from 62.177.1.1
> 05#53: end of transfer
> Nov 8 16:59:28 attila named[9315]: zone linux.it/IN: sending notifies (seria
> l 2002110800)
Well since you are listening on IPv6 only the address
presented will be mapped. match-mapped-addresses only
affects acl processing and masters isn't a acl.
You should be able to use a mapped address in the masters
clause (::ffff:62.177.1.105). Othewise look at
lib/dns/zone.c:dns_zone_notifyreceive() and unmap the from address.
Note this configuration won't work in 9.3 as we have improved
the seperation of IPv4 and IPv6.
Mark
> --
> ciao, |
> Marco | * The Internet is full. Go away. -- Joel Furr *
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list