order of nameserver upgrade?
Mark_Andrews at isc.org
Thu Feb 9 21:44:04 UTC 2006
> bob prohaska's usenet account <bp at www.zefox.net> wrote:
> > Mark Andrews <Mark_Andrews at isc.org> wrote:
> >> It really doesn't matter. Newer versions are less tolerent
> >> of configuration errors.
> I've decided to upgrade the slave to FreeBSD 5.4 using Bind 9.3.2, leaving
> for now the master running FreeBSD 5.1 running Bind 9.3.2 taken from an
> older version of the ports tree.
> A strawman FreeBSD 5.4 slave can load and serve all the routeable addresses
> but reports
> Feb 8 20:49:50 ns3 named: transfer of '22.214.171.124.in-addr.arpa/IN'
> from 192.168.1.4#53: failed while receiving responses: permission denied
File system permission problems. There will be a earlier log
message giving the location.
> This looks like a permissions problem on the slave, but the entire /etc/named
> subtree is owned by bind with group wheel. On the new 5.4 slave named runs as
> user bind, on the old 5.1 master bind runs as root.
> There is no "allow transfer" directive on the master, a FreeBSD
> 5.1 box, so anybody can transfer zones.
> One possible trap is that the master and slave refer to each other using
> unroutable 192.168.1.xxx IP addresses, is that my error?
> There's not much to the zones; www.zefox.com, www.zefox.org and
> www.zefox.net, with ns1.zefox.net and ns2.zefox.net as nameservers.
> >From the outside all looks ok, but inside the new slave something
> seems amiss.
> Any counsel on where to look for trouble would be most appreciated!
> bob prohaska
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users