BIND DNS 9.2.3/Slave Zone Transfers

Mark Andrews Mark_Andrews at
Mon Jan 10 22:14:32 UTC 2005

> I have two servers setup with SuSE Linux 9 with BIND 9.2.3
> Configured BIND with Webmin on server aacns0 with three zones
> The same on aacns1 with three slave zones for aacns0.
> Also congiured for two external slaves maintained by my ISP
> The problem I am having is that the slaves can not get/do zone
> transfers with the primary NS aacns0, or with the ISP's external NS.
> Firewall is not an issue, that I can tell, is allowing traffic in/out
> between external/internal servers. I get the following error message in
> the /var/log/warn logfile;
> on the master
> Jan 10 11:29:58 aacns0 named[3792]:client ::ffff:
> zone transfer '' denied
> were is the slave

	Linux's IPv6 stack is BROKEN.  It doesn't handle more specific
	IPv4 sockets when there is a wildcard IPv6 socket.

	Use match-mapped-addresses;

> on the slave
> Jan 10 11:30:38 aacns1 named[3792]: transfer of ''
> from failed while receiving responses: REFUSED
> were is the primary
> Same message for the external NS on the primary DNS.
> As best I can tell the config of the named.conf file is correct and
> should be allowing updates of the slaves, however this is not occuring,
> the above messages are logged on the primary and slave.
> Thanks for any help
> Steve Daniel
> Network Admin
> Affiliated Acceptance Corp.
