Slave DNS server permission denied?

Tim Polito polito at
Sat Sep 2 12:30:44 UTC 2006

I'm running two Red Hat Enterprise AS Linux 4 servers each with BIND 9 in a closed (not internet accessible) network.

Server name   Role                  IP Address (last two octets)
Palpatine     primary DNS           X.X.244.100
Binks         secondary/slave DNS   X.X.244.14

Palpatine's zones load without error and DNS functions as expected. In palpatine's "named.conf", I have the "allow transfer" statement
with binks' IP address listed. In binks' "named.conf", in the slave zones, I have palpatine's IP address in the "allow transfer" statement.
Both servers are using the same "rndc" key because I copied the key file from palpatine to binks. "Named" is set as the user and
group for all files and directories from /var/named and below (including chroot directories).

Watching the error log (/var/log/messages), when binks attempts to transfer the zone from palpatine, it gets "permission denied" for
both the forward and reverse zone transfers. Coincidentally, when both palpatine and binks are set up as slaves to a Windows DNS
server, they get permission denied also, despite making the Windows DNS configuration wide open (allow transfers to any server).

I realize I'm probably missing a very small detail or something silly but can't nail it down.

Tim Polito
Windows 2000 MCSE & 2000/2003 MCSA
A+ & Network+ Certified Technician
