allow-transfer {none;} doesn't seem to work.

Gang Chen gchen10031 at yahoo.com
Fri Jul 15 14:49:38 UTC 2005


Folks:

I have the option allow-transfer { none; }; set to
prevent any host from requesting a zone transfer, but
when I run nslookup I can still do a zone transfer. Is
there a bug, or do I not understand it correctly?

The following is the configuration file:

key rndc_key
{
    algorithm "hmac-md5";
    secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
};

controls
{
    inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

options
{
    directory "/var/dns-config/dbs";
    query-source address * port 53;
    version "Adonis Server (www.abc.com)";
};

view "default" 
{
    transfer-source 172.20.210.3;
    notify-source 172.20.210.3;
    match-clients { any; };
    allow-transfer { none; };

    zone "bcn.com"
    {
        type master;
        file "default/zone_bcn.com";

    };

    zone "210.18.172.in-addr.arpa"
    {
        type master;
        file "default/zone_210.18.172.in-addr.arpa";

    };

    zone "210.20.172.in-addr.arpa"
    {
        type master;
        file "default/zone_210.20.172.in-addr.arpa";

    };
};

Then I do nslookup:
nslookup
> server 172.20.210.3
> ls -d bcn.com

Strangely, I got the records in that zone, which means
the zone transfer was successful.
Can anybody shed some light on this for me, please?

Thanks a lot!



Gang Chen
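
An added example, not part of the original post and not BIND's own code: a small named.conf reader that reports, for each zone, which scope supplies the effective allow-transfer ACL (a zone-level setting overrides the view, which overrides options). The sample input is a trimmed copy of the posted configuration plus a hypothetical "example.test" zone; the function names and the `builtin` default are assumptions.

```python
import re
# Constructed input: trimmed copy of the posted named.conf plus a hypothetical zone.
SAMPLE_CONF = '''
view "default" {
    allow-transfer { none; };
    zone "bcn.com" { type master; file "default/zone_bcn.com"; };
    zone "example.test" { type master; file "x"; allow-transfer { 192.0.2.53; }; };
};
'''
TOKEN = re.compile(r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*|[{};]|[^\s{};"]+', re.S)

def parse(tokens):
    """Turn a shared token iterator into nested (words, children) statements."""
    stmts, words, children = [], [], None
    for tok in tokens:
        if tok == '{':
            children = parse(tokens)              # consume the nested block
        elif tok in (';', '}'):
            if words:
                stmts.append((words, children))
            words, children = [], None
            if tok == '}':
                break
        elif not tok.startswith(('/*', '//', '#')):   # drop comment tokens
            words.append(tok.strip('"'))
    return stmts

def acl(stmts):
    """Return the allow-transfer elements set directly in this scope, else None."""
    for words, children in stmts or []:
        if words == ['allow-transfer']:
            return [' '.join(w) for w, _ in children or []]
    return None

def effective_allow_transfer(conf, builtin=('any',)):
    """Map (view, zone) -> (acl, scope it came from); zone > view > options.
    `builtin` is an assumption: set it to the default of the BIND version in use."""
    top = parse(iter(TOKEN.findall(conf)))
    opt = next((acl(c) for w, c in top if w == ['options']), None)
    views = [(w[1], c) for w, c in top if w[0] == 'view'] or [(None, top)]
    out = {}
    for view, body in views:
        layers = [('view', acl(body) if view is not None else None),
                  ('options', opt), ('default', list(builtin))]
        for w, c in body or []:
            if w[0] == 'zone':
                out[(view, w[1])] = next((v, s) for s, v in [('zone', acl(c))] + layers if v is not None)
    return out

if __name__ == '__main__':
    for key, value in effective_allow_transfer(SAMPLE_CONF).items():
        print(key, value)
```

A zone reported with scope `zone` does not inherit the view-level `none`, so those are the entries to review first when a transfer succeeds unexpectedly.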



