Secondary DNS Issues

Kirk bind at kirkb.net
Mon Dec 22 15:38:26 UTC 2008 

Bryce Fischer wrote:
> On Dec 22, 9:52 am, Bryce Fischer <br... at berzerker-soft.com> wrote:
>> I'm trying to use xname.org to use as secondary DNS servers. I have
>> setup the following zone from my primary NS:
>>
>> (named.conf.local)
>>
>> zone "gwatdesigns.com" {
>>         type master;
>>         file "/etc/bind/zones/gwatdesigns.com.db";
>>         allow-transfer {
>>                 87.98.164.164; 195.234.42.1;
>>         };
>>
>> };
>>
>> where the two IP addresses are those given by xname.org for secondary
>> NS.
>>
>> The only error I"m seeing in syslog is:
>>
>> Dec 22 09:44:38 jupiter named[5209]: client 87.98.164.164#45789: zone
>> transfer 'gwatdesigns.com/AXFR/IN' denied
>>
>> Configuration on XName seem pretty straight forward. I set the
>> following form fields:
>>
>> Primary Nameserver IP: 207.192.71.243
>> Allow Transfers From: Master Only
>>
>> Not sure what else to look for. It seems to me that I have the master
>> setup correctly, but I'm willing to bet I've forgotten something that
>> is probably obvious.
> 
> As it may be applicable, this is the result from
> root at jupiter:/etc# dig @ns1.berzerker-soft.com gwatdesigns.com axfr
> 
> ; <<>> DiG 9.4.2-P1 <<>> @ns1.berzerker-soft.com gwatdesigns.com axfr
> ; (1 server found)
> ;; global options:  printcmd
> ; Transfer failed.
> 
> Which is also the results from the xname.org log file.


Are you certain your configs are the same on your ns1 and 
ns2.berzerker-soft.com.

I am able to do zone transfers from your ns2 just fine but not ns1.

dig @NS2.BERZERKER-SOFT.COM. gwatdesigns.com. axfr

; <<>> DiG 9.5.0-P2 <<>> @NS2.BERZERKER-SOFT.COM. gwatdesigns.com. axfr
; (1 server found)
;; global options:  printcmd
gwatdesigns.com.        1500    IN      SOA     ns1.berzerker-soft.com. 
root.gwatdesigns.com. 2008120302 28800 3600 604800 38400
gwatdesigns.com.        1500    IN      A       207.192.71.243
gwatdesigns.com.        1500    IN      NS      ns1.berzerker-soft.com.
gwatdesigns.com.        1500    IN      NS      ns2.berzerker-soft.com.
gwatdesigns.com.        1500    IN      MX      10 mail.gwatdesigns.com.
gwatdesigns.com.        1500    IN      MX      1 ASPMX.L.GOOGLE.COM.
gwatdesigns.com.        1500    IN      MX      5 ALT1.ASPMX.L.GOOGLE.COM.
gwatdesigns.com.        1500    IN      MX      5 ALT2.ASPMX.L.GOOGLE.COM.
gwatdesigns.com.        1500    IN      MX      10 ASPMX2.GOOGLEMAIL.COM.
gwatdesigns.com.        1500    IN      MX      10 ASPMX3.GOOGLEMAIL.COM.
gwatdesigns.com.        1500    IN      MX      10 ASPMX4.GOOGLEMAIL.COM.
calendar.gwatdesigns.com. 1500  IN      CNAME   ghs.google.com.
docs.gwatdesigns.com.   1500    IN      CNAME   ghs.google.com.
ftp.gwatdesigns.com.    1500    IN      A       207.192.71.243
mail.gwatdesigns.com.   1500    IN      CNAME   ghs.google.com.
ssh.gwatdesigns.com.    1500    IN      A       207.192.71.243
www.gwatdesigns.com.    1500    IN      A       207.192.71.243
gwatdesigns.com.        1500    IN      SOA     ns1.berzerker-soft.com. 
root.gwatdesigns.com. 2008120302 28800 3600 604800 38400

More information about the bind-users mailing list