help with notify-source
ews_inc
ewsinc at gmail.com
Tue Mar 25 02:03:30 UTC 2008
On Mar 24, 6:33 pm, Barry Margolin <bar... at alum.mit.edu> wrote:
> In article <fs9jkp$191... at sf1.isc.org>, tony z <tz... at yahoo.com> wrote:
> > I have a BIND 9.x server with multiple ethernet interfaces and IPs.
>
> What's the value of x?
>
> > I need the NOTIFY messages to go out on a specific IP, because I am using
> > TSIG updates
> > to my slave and that slave will not accept a TCP NOTIFY connection from any
> > other than one of
> > my specific IPs.
> > I put a notify-source directive inside my zone files and options area, but
> > nothing seems to work.
> > BIND/named seems to randomly rotate through all my IPs sending NOTIFY, until
> > it uses the IP
> > that my slave wants to hear from, and then the transfer from master to slave
> > happens. But this takes like hours.
> > Does notify-source actually work, or am I using the wrong directive or using
> > the right directive in the wrong manner.
>
> Post your named.conf.
>
> --
> Barry Margolin, bar... at alum.mit.edu
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***
Thanks for any help on this....
x = BIND 9.3.3rc2
the named.conf is:
// Default named.conf generated by install of bind-9.2.4-24.ELu
// changelog:
// Global server options. Addresses in this post are partly redacted ("xxx"),
// so it cannot be checked here whether the redacted addresses are all the same one.
options {
// hostname and version replace the strings named returns for the
// hostname.bind and version.bind CHAOS TXT queries, so the real host name
// and BIND release are not disclosed to clients.
hostname "somehost";
version "ver9";
// Queries from this address are ignored and it is never queried during resolution.
blackhole { 213.171.223.128; };
listen-on { 67.228.17.xxx; }; // virtual ETH for DNS
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// Source address for outgoing NOTIFY messages. This is the only notify-source
// in the posted file: no zone statement sets one, so every zone inherits this value.
// NOTE(review): the address must be configured on a local interface, and the
// slave's access policy must expect exactly this address - confirm against the
// unredacted values.
notify-source 67.228.17.xxx ;
// Recursion is restricted to loopback and one (redacted) address.
allow-recursion { 127.0.0.1; 67.228.17.xxx; };
// Enables DNSSEC support in named.
dnssec-enable yes;
};
// Key material is pulled in from separate files instead of being written into
// named.conf; their contents are not part of the post.
// NOTE(review): the TSIG keys named in the allow-transfer statements are
// presumably defined in the second file - confirm. Both files hold secrets and
// should be readable only by the account named runs as.
include "/etc/rndc.key";
include "/var/named/keys/xxx.keys";
// Logging: five file channels, each rotated at 1m with 7 old versions kept and
// each line stamped with time, category and severity.
logging {
// Catch-all channel. "debug 50" lets debug messages up to level 50 through, but
// they are only produced once the server's debug level is raised; at that point
// a 1m x 7 rotation will turn over quickly.
channel default_log {
file "/var/log/named/default.log" versions 7 size 1m;
severity debug 50;
print-category yes;
print-severity yes;
print-time yes;
};
// One line per received query (fed by the "queries" category below).
channel query_log {
file "/var/log/named/query.log" versions 7 size 1m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
// Approved/denied requests (fed by the "security" category below).
// The file statement is wrapped over two lines in the post; named.conf is
// free-form, so the wrap does not change its meaning.
channel security_ch {
file "/var/log/named/named_sec.log" versions 7 size
1m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
// DNSSEC and TSIG processing messages (fed by the "dnssec" category below).
channel dnssec_ch {
file "/var/log/named/dnssec.log" versions 7 size 1m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
// Outgoing zone transfers only (fed by the "xfer-out" category below).
channel log_zone_transfers {
file "/var/log/named/axfr.log" versions 7 size 1m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
// Category routing. No line names the "notify" or "xfer-in" categories, so
// those messages follow "category default" and land in default.log; that is
// the file to read when checking which NOTIFY messages were sent.
category default { default_log; };
category security { security_ch; };
category dnssec { dnssec_ch; };
category queries { query_log; };
category xfer-out { log_zone_transfers; };
};
// Root hints zone; the poster's comment says the hints file was taken from internic.net.
zone "." {
type hint;
file "named.ca";
};
// Master zone for localhost, class IN given explicitly; dynamic updates are refused.
zone "localhost." in{
type master;
file "master.localhost";
allow-update { none; };
};
// Master zone for reverse lookup of localhost (127.0.0.x); dynamic updates are refused.
zone "0.0.127.IN-ADDR.ARPA." {
type master;
file "localhost.rev";
allow-update { none; };
};
// Master zone for xxx.us (name redacted by the poster).
// Zone transfers are allowed only to requests signed with the named TSIG key.
// There is no notify, also-notify or notify-source statement in this zone, so
// NOTIFY behaviour comes from the options block and, by BIND's default, the
// targets are the servers in the zone's NS records.
zone "xxx.us" {
type master;
file "xxx.us";
allow-transfer { key 101436.163724.xxx; };
};
// Master zone for xxx.com (name redacted by the poster).
// Zone transfers are allowed only to requests signed with the named TSIG key,
// which is a different key name from the one used for xxx.us.
// No notify-source is set in this zone; the value from the options block applies.
zone "xxx.com" {
type master;
file "xxx.com";
allow-transfer { key 101436.163822.xxx; };
};