Does "allow-transfer" work properly?

AM am at
Wed Oct 4 18:07:03 UTC 2006

Hi guys,

I have a nameserver with the IP address = and the following named.conf

## named.conf - configuration for bind
# Generated automatically by bindconf, alchemist et al.
controls {
         inet allow { localhost; } keys { rndckey; };

include "/etc/rndc.key";

options {
         directory "/var/named/";


zone "rcs.xt" {
         type slave;
         file "";
         masters {; };
         allow-transfer {; };

I didn't write the named.conf but it seems to me that the master can allow transfers only from itself. Obviously it's 
not required to ask the zone rcs.xt from itself but from the master. That rule applies just for that zone. The others 
can be pulled by anyone (ok it's not securing and I'm about to put a full stop to this behavior). For me the rule 
written above doesn't make sense.

Then, there is another server that acts as total backup for all the zones of (included rcs.xt)
What it's weird to me is that the second one gets always an update list of the zone even if shouldn't! (I check it 
looking at the timestamp of the file on the second server). I didn't checked by adding or removing hosts in that zone on
BTW I can not access

Am I using the wrong method to see if "allow-transfer" does its job properly or is there anything I'm missing?



More information about the bind-users mailing list