is there a also-allow-transfer
Feng He
fenghe at nsbeta.info
Thu Dec 13 09:09:37 UTC 2012
Thanks.
So how to handle the case described as below?
We already have the also-notify{} section in the global options{} block.
But for a special zone, just want to include another IP to also-notify
besides the global IPs.
于 2012-12-13 17:00, Sten Carlsen 写道:
>
> On 13/12/12 9:46, Feng He wrote:
>> Hello Mark,
>>
>> My named.conf looks as:
>>
>> acl "NAMESVR" { 74.81.81.82; };
> NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
>
> Essentially it is a kind of bitmask, not a list of IPs.
>>
>> options {
>> directory "/var/cache/bind";
>> recursion no;
>> version "unknown";
>> allow-transfer { NAMESVR; };
>> also-notify { NAMESVR; };
> All notifys must have a list of IPs, if the acl was any, you would have
> to notify the full internet. The mechanism is designed to accept only a
> list of IPs. It can not accept an acl.
>> allow-update { 127.0.0.1; };
>> };
>>
>>
>> # zone begins
>> zone "test.com" {
>> type master;
>> file "/var/cache/bind/test.com.db";
>> allow-transfer { NAMESVR; 74.81.81.81; };
>> also-notify { NAMESVR; 74.81.81.81; };
>> };
>>
>>
>> When I run named-checkconf I got the error:
>>
>> # named-checkconf
>> /etc/bind/named.conf:8: expected IP address near 'NAMESVR'
>>
>> Please help. Thanks.
>>
>>
>>
>>
>> 于 2012-12-13 15:23, Mark Andrews 写道:
>>> In message<50C9818E.2060303 at nsbeta.info>, Feng He writes:
>>>> Hello,
>>>>
>>>> I have the allow-transfer{} section in the global options{} block.
>>>>
>>>> But for a special zone, I want to include another IP to allow transfer
>>>> besides the global IPs.
>>>>
>>>> Is there a also-allow-transfer option in BIND?
>>>> If not how to control this?
>>> acl xxx { };
>>>
>>> options {
>>> allow-transfer { xxx; };
>>> };
>>>
>>> zone "yyy" {
>>> allow-transfer { xxx; extra; };
>>> };
>>>
>>>> Thanks.
More information about the bind-users
mailing list