; Transfer failed. on dig axfr with bind9
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Tue Oct 19 15:53:17 UTC 2004
Clemens Bergmann <cbergmann at schuhklassert.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> hi,
> first of all thanks for the fast reply.
> <snip>
>> 1/
>> your external view misses hint zone=20
> k fixed
>>
>> 2/ you use forwarders. In a few special cases is this needed but in most =
>> (all?)
>> cases it will only complicate things and get worse performance. Get rid o=
>> f them !
>>
> deleted
>> 3/
>> slave for "2nd-angel.de" is 212.227.123.31 ( according to delegation)
>> You allow 212.227.123.29 Is this intentional ?
>>
> yes, this is the slave on my providers side for which i need AXFR.
>> 4/
>> in spite of your good idea to have config+files avaliable "on demand" i g=
>> et :
>> You don't have permission to access /bind/zones/2nd-angel.de.zone on this=
>> server.
>> (this might not mean that there is a fault in the file only that i cannot=
>> verify it)
>>
> sorry about that I forgot to change permissions to 644 on the server. Should work now.
> in the config dir the perms are as follows:
> - -rw-r--r-- 1 bind bind 95 2004-10-17 20:09 dnskeys.conf
> - -rw-r--r-- 1 bind bind 2,3K 2004-10-18 21:40 named.conf
> - -rw-r--r-- 1 root bind 2,5K 2004-10-18 11:09 root.hint
> drwxr-xr-x 2 bind bind 4,0K 2004-10-18 21:01 zones/
> ./zones:
> - -rw------- 1 bind bind 590 2004-10-18 10:56 1.0.0.0.2.c.1.8.0.c.5.0.1.0.0.2.ip6.arpa
> - -rw------- 1 bind bind 415 2004-10-18 10:57 127.0.0.zone
> - -rw------- 1 bind bind 527 2004-10-18 19:07 192.168.0.zone
> - -rw------- 1 bind bind 313 2004-10-18 10:57 192.168.1.zone
> - -rw------- 1 bind bind 456 2004-10-18 10:58 2nd-angel.de.zone
> - -rw------- 1 bind bind 1,5K 2004-10-18 21:01 home.loc.zone
> - -rw------- 1 bind bind 603 2004-10-18 16:56 ipv6.home.loc.zone
> - -rw------- 1 bind bind 165 2004-10-18 10:58 localhost.zone
>>
>> (and your english is fully understandable, this is a technical discussion=
>> group
>> not an english grammar contest !)
> thanks
> That were some usefull tips but they did not fix my problem. You don't have any other suggestions?
> Clemens
Well, lift the restriction of "allow-transfer" and tell us the ip
of master then we could test. As for now the ISP slave seems to
work, i see no reason it should not work for you.
> - --
> Besuchen sie uns doch im Internet:
> http://www.schuhklassert.de
> Visit us in the Internet:
> http://www.schuhklasssert.de
> pgp key:
> 0xCB9C7C6B
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
> iD8DBQFBdB+D/9rd+8ucfGsRAm7wAKClwckLTSKaOst/UPpdlPYCCn9RdACg7ZS/
> w7cbkAeoZxeeNwMOiVj43kA=
> =4gnv
> -----END PGP SIGNATURE-----
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list