Slave DNS server permission denied ?

Mark Andrews Mark_Andrews at isc.org
Wed Sep 6 23:27:15 UTC 2006


> I'm running two Red Hat Enterprise AS Linux 4 servers each with BIND 9 in a c
> losed (not internet accessible) network. 
> Server name	Role				IP Address (last two octets)
> Palpatine	primary DNS			X.X.244.100
> Binks		secondary/slave DNS		X.X.244.14
> 
> 
> Palpatine zones load without error and DNS functions as expected. In palpatin
> e "named.conf", I have the "allow transfer" statement
> with binks' IP address listed. In binks "named.conf", slave zones I have palp
> atine's IP address in the "allow transfer" statement.
> Both servers are using the same "rndc" key because I copied the key file from
>  palpatine to binks. "Named" is set as the user and
> group for all files and directories from /var/named and below (including chro
> ot directories).
> 
> Watching the error log (/var/log/messages), when binks attempts to transfer t
> he zone from palpatine, it gets "permission denied" for
> both the forward and reverse zone transfers. Coincidentally, when both palpat
> ine and binks are set up as slaves to a Windows DNS
> server, they get permission denied also; despite making the Windows DNS confi
> guration wide open (allow transfers to any server).
> 
> I realize I'm probably missing a very small detail or something silly but can
> 't nail it down.
> 
> Tim Polito
> Windows 2000 MCSE & 2000/2003 MCSA
> A+ & Network+ Certified Technician

	Filesystem permissions and/or SELinux.

	http://www.isc.org/sw/bind/FAQ.php
--
ISC Training!  October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP.  Email training at isc.org.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org


More information about the bind-users mailing list