Zone transfer updates

Charu Kamath charu.bhargava at estelcom.com
Thu Mar 18 05:59:52 UTC 2004 

that's true Kevin.
I faced the same problem with my slave server...took that statement out of
there n it was fine..
Matthew u should try this...
Rgds Charu

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Kevin Darcy
Sent: Saturday, March 13, 2004 4:22 AM
To: 'bind-users at isc.org'
Subject: Re: Zone transfer updates


Holdsworth, Matthew wrote:

>Dear All,
>
>I've just upgraded our BIND version from 8 to 9 and have discovered a
>difference which means it aint working now!!! So, was wondering if you kind
>chaps could point me in the right direction.
>
>This is the part of the config that seems to be the bother:
>
>options {
>        directory "/etc/namedfiles";
>        datasize 100M;
>        listen-on { 10.10.10.10; 20.20.20.20; 30.30.30.30; };
>};
>
>zone "myzone.one.two.three" IN {
>        type slave;
>        file "db.myzone.one.two.three";
>        masters { 99.99.99.99; };
>        allow-update { 99.99.99.99; };
>        allow-transfer { none; };
>};
>
>This was used in the BIND 8 version of our named.conf. However, when using
>this same config file on our BIND 9 installation we get errors stating that
>the 'allow-update' option cannot be used in the slave zone
>'myzone.one.two.three'. These appear when trying to start named process.
>
>Please bear in mind we're running this on a Solaris UNIX installation.
>
Well, what is it that you're trying to accomplish by putting that
"allow-update" in the slave-zone definition? Updates cannot be accepted
directly on slaves, so they would have to be forwarded (to the master),
refused or dropped. BIND 8 wasn't smart enough to forward the updates,
so I fail to see how you're going to lose any functionality by just
taking the "allow-update" statement out of there. If you do in fact want
to avail yourself of BIND 9's update-forwarding capabilities, then you
need to configure it via the "allow-update-forwarding" statement. See
the docs, paying special heed to the security implications of forwarding
updates.


                                    - Kevin

More information about the bind-users mailing list