Internal Zone Transfers?

michaelbertelson at michaelbertelson at
Mon Jun 5 14:03:14 UTC 2006


I inherited some DNS servers which I am a little unsure about how to
properly get to do internal zone transfers for external (publicly
available) zones.

The basics of how it is set up right now are as follows:

When the slaves (as an example) perform a notify or zone transfer, they
automatically try to go to the external NAT'ed IP address for that name
server.  I have checked all the allow-notify, allow-update, etc.,
statements, but they do not seem to be used for this purpose, as it
will always use the name servers specified in each zone file, which are
referenced in the external view zone files as an external IP address.

My understanding is that I cannot specify an internal IP address for
the A records for the name servers, as they are used by resolvers on
the Internet.  So I have no idea how to get internal zone transfers to
work properly.

How should this work?


