Unable to get Zone transfer to work
Vincent Yonemitsu
vince at soilengineersltd.com
Thu Dec 20 16:45:18 UTC 2007
Ok,
I have a pair of BIND servers 9.xx running on Fedora.
These are sitting on IPs 192.168.1.10 and 192.168.1.11, master and slave
respectively.
They have static NATs to the outside world of 99.99.99.10 and 99.99.99.11.
I am unable to get the master zone on the master to transfer to the slave.
Here is my named.conf on the master:
[root at ns1 named]# cat /etc/named.conf
acl "trusted" {
    localhost;
    192.168.0.0/24;
    192.168.1.0/24;
};
options {
    directory "/var/named";
    allow-recursion { trusted; };
    allow-query { trusted; };
    allow-notify {192.168.1.11; };
    version "get lost";
    listen-on {
        192.168.1.10;
        127.0.0.1;
    };
    forwarders {
        207.181.101.4;
        207.181.101.5;
    };
    forward first;
    recursion yes;
};
logging{
    channel example_log{
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    category default{
        example_log;
    };
};
zone "." {
    type hint;
    file "/var/named/root.servers";
};
zone "mydomain.com" in{
    type master;
    file "/var/named/mydomain.com.zone";
    allow-transfer {192.168.1.11;};
};
Here is the mydomain.com zone file.
[root at ns1 named]# cat mydomain.com.zone
$TTL 86400
mydomain.com.   IN  SOA ns1.mydomain.com. ns2.mydomain.com. (
                        200712201
                        60
                        3600
                        604800
                        38400
                        )
mydomain.com.   IN  NS  ns1.mydomain.com.
mydomain.com.   IN  NS  ns2.mydomain.com.
mydomain.com.   IN  MX  10 mail.mydomain.com.
www             IN  A   99.99.99.230
mail            IN  A   99.99.99.229
ns1             IN  A   192.168.1.10
ns2             IN  A   192.168.1.11
ldap            IN  A   99.99.99.232
iis             IN  A   99.99.99.231
dms             IN  A   99.99.99.234
brback          IN  A   99.99.99.233
Here is the named.conf file on the Slave
data dynamic named.ca named.empty named.localhost named.loopback
root.servers slaves
[root at ns2 named]#
[root at ns2 named]# ls
data dynamic named.ca named.empty named.localhost named.loopback
root.servers slaves
[root at ns2 named]# service named stop
Stopping named: [ OK ]
[root at ns2 named]# vi soilengineersltd.com
[root at ns2 named]# service named start
Starting named: [ OK ]
[root at ns2 named]# ls
data named.ca named.localhost root.servers soilengineersltd.com
dynamic named.empty named.loopback slaves
[root at ns2 named]# service named stop
Stopping named: [ OK ]
[root at ns2 named]# vi soilengineersltd.com.zone
[root at ns2 named]# service named start
Starting named: [ OK ]
[root at ns2 named]# cat soilengineersltd.com.zone
[root at ns2 named]# rm soilengineersltd.com
rm: remove regular empty file `soilengineersltd.com'? y
[root at ns2 named]# ls
data named.ca named.localhost root.servers
soilengineersltd.com.zone
dynamic named.empty named.loopback slaves
[root at ns2 named]# cat named.conf
cat: named.conf: No such file or directory
[root at ns2 named]# cat /etc/named.conf
acl "trusted" {
    localhost;
    192.168.0.0/24;
    192.168.1.0/24;
};
options {
    directory "/var/named";
    allow-recursion { trusted; };
    allow-query { trusted; };
    version "get lost";
    allow-transfer {192.168.1.10;};
    listen-on {
        192.168.1.11;
        127.0.0.1;
    };
    forwarders {
        207.181.101.4;
        207.181.101.5;
    };
    forward first;
    recursion yes;
};
logging{
    channel example_log{
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    category default{
        example_log;
    };
};
zone "." {
    type hint;
    file "/var/named/root.servers";
};
zone "soilengineersltd.com" in{
    type slave;
    file "/var/named/soilengineersltd.com.zone";
    masters {192.168.1.10; };
};
Here is named.conf file on the Slave
[root at ns2 named]# cat /etc/named.conf
acl "trusted" {
    localhost;
    192.168.0.0/24;
    192.168.1.0/24;
};
options {
    directory "/var/named";
    allow-recursion { trusted; };
    allow-query { trusted; };
    version "get lost";
    allow-transfer {192.168.1.10;};
    listen-on {
        192.168.1.11;
        127.0.0.1;
    };
    forwarders {
        207.181.101.4;
        207.181.101.5;
    };
    forward first;
    recursion yes;
};
logging{
    channel example_log{
        file "/var/log/named/example.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    category default{
        example_log;
    };
};
zone "." {
    type hint;
    file "/var/named/root.servers";
};
zone "mydomain.com" in{
    type slave;
    file "/var/named/mydomain.com.zone";
    masters {192.168.1.10; };
};
Any ideas on where I screwed up? The servers can ping each other and can
resolve against each other, but the zone file won't transfer.
I created a blank /var/named/mydomain.com.zone on the slave but it
continues to be empty after many bounces of the server... PS: I reduced the
refresh to 60 to try and hurry up the process.
--
Vincent Yonemitsu
Information Technology and Infrastructure Manager
vincentyonemitsu at soilengineersltd.com
Tel. (416) 754-8515 x 270
100 Nugget Avenue
Toronto, Ontario M1S 3A7
Toll Free Tel. (800) 268-5624 x 270
Fax: (416) 754-8516
More information about the bind-users
mailing list
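
Added example, not part of the original post and not BIND's own tooling: a small Python check that pairs a slave's zone stanza with the master's and reports where the zone name, `masters` and `allow-transfer` entries disagree. The function names are hypothetical, the two inputs are constructed from the stanzas quoted above, and only plain IPs, CIDRs and `any` are understood (named ACLs and TSIG keys are assumed absent).

```python
import ipaddress
import re

# Constructed input: the zone stanzas from the two named.conf files in the post.
MASTER_CONF = '''zone "mydomain.com" in { type master; file "/var/named/mydomain.com.zone";
    allow-transfer { 192.168.1.11; }; };'''
SLAVE_CONF = '''zone "mydomain.com" in { type slave; file "/var/named/mydomain.com.zone";
    masters { 192.168.1.10; }; };'''
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}')

def clause(body, keyword):
    """Entries of `keyword { a; b; };` inside a zone body, or None if absent."""
    m = re.search(r'(?<![\w-])' + re.escape(keyword) + r'\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def zones(conf):
    """Map zone name -> type, allow-transfer list and masters list."""
    return {n.lower(): {'type': (re.search(r'\btype\s+(\w+)', b) or [None] * 2)[1],
                        'acl': clause(b, 'allow-transfer'), 'masters': clause(b, 'masters')}
            for n, b in ZONE_RE.findall(conf)}

def permits(acl, ip):
    """True if a list of plain IPs/CIDRs or `any` admits ip; other entries never match."""
    for entry in acl:
        try:
            if entry == 'any' or ipaddress.ip_address(ip) in ipaddress.ip_network(entry, strict=False):
                return True
        except ValueError:
            pass  # named ACL or key reference, not resolved here
    return False

def check_transfer(master_conf, slave_conf, master_ip, slave_ip):
    """Findings for each slave zone; an empty list means both sides agree."""
    found, mz = [], zones(master_conf)
    for name, sz in zones(slave_conf).items():
        if sz['type'] != 'slave':
            continue
        m = mz.get(name)
        if master_ip not in (sz['masters'] or []):
            found.append(f'{name}: slave does not list {master_ip} in masters')
        if m is None or m['type'] != 'master':
            found.append(f'{name}: no master zone of that name on {master_ip}')
        elif m['acl'] is None:
            found.append(f'{name}: master has no zone-level allow-transfer')
        elif not permits(m['acl'], slave_ip):
            found.append(f'{name}: master allow-transfer excludes {slave_ip}')
        elif 'any' in m['acl']:
            found.append(f'{name}: allow-transfer any lets every client AXFR the zone')
    return found
```

An empty result from `check_transfer(MASTER_CONF, SLAVE_CONF, '192.168.1.10', '192.168.1.11')` means the zone name, `masters` and `allow-transfer` entries agree with each other; the check does not cover file permissions or anything recorded in the named log.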