Need assistance with configuring external zone on a 2nd CentOS 7 bind v9.4.4 dns slave

William Clarke wclarke at simons-rock.edu
Wed Apr 8 15:44:57 UTC 2015


Barry,

Thank you. I appreciate your response Barry. I'm fairly new to Bind and 
DNS and have gotten a bit lost. Is there any way you can provide a 
little more information for me? Am I not correct in saying that I'm 
already using TSIG keys in the include lines?
------------------------------------------------------------
view "external" {
         match-clients { any; };
         allow-transfer { key slave-external; };
....
...
..
include "/etc/rndc.key";
include "/etc/transfer-internal.key";
include "/etc/transfer-external.key";
------------------------------------------------------------

/var/named/chroot/etc/transfer-external.key
key "slave-external" {
         algorithm       hmac-md5;
         secret          "blahblahblahblahblah";
};

Thanks,

William Clarke
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
(413) 528-7428 (voice)
(413) 528-7405 (fax)
wclarke at simons-rock.edu

On 4/8/2015 10:54 AM, Barry Margolin wrote:
> In article <mailman.1910.1428503936.26362.bind-users at lists.isc.org>,
>   William Clarke <wclarke at simons-rock.edu> wrote:
>
>> Resending because the message was over 40K... I removed most of the
>> internal\external zones and logs to shorten the message.
>> We have a split DNS chrooted master\slave setup running on CentOS 5.11.
>> I have 3 named.conf files below, Working master, working slave and a new
>> CentOS 7 non-working slave that I'm trying to spin up. The internal
>> zones do get transferred\updated however the external zones aren't
>> transferring at all, the master doesn't even have any mentioning of
>> external transfers for this specific slave. I have a hunch that this is
>> either happening because I don't have multiple network adapters
>> configured ie split DNS for slave or possibly a hostname issue. I tried
>> to basically mirror the setup of my new slave all except the ip address.
>> My new slave is 192.168.1.224. The instructions I followed to set this
>> up was from:
>> http://www.ehowstuff.com/how-to-setup-bind-chroot-dns-server-on-centos-7-0-vps/
> Since the new slave only has one address, you can't use the IP to
> distinguish which view should be sent in a zone transfer. You need to
> use TSIG keys.
>
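
Added example, not part of the original thread and not either poster's actual configuration: a sketch of the usual way to let the TSIG key, rather than the source address, pick the view for a zone transfer when one slave address serves both views. The ACL name internal-nets, the key name slave-internal and the master address 192.0.2.1 are assumed placeholders; slave-external and the include paths are from the message above.

```conf
# ---- master named.conf (sketch) ----
include "/etc/transfer-internal.key";   # assumed to define key "slave-internal"
include "/etc/transfer-external.key";   # defines key "slave-external"

view "internal" {
        # Match lists are evaluated in order and the first hit decides.
        # A request signed with slave-external is rejected here, so it
        # falls through to the next view even from an internal address.
        match-clients { !key slave-external; key slave-internal; internal-nets; };
        allow-transfer { key slave-internal; };
        # internal zones ...
};

view "external" {
        # The key selects this view; "any" still serves ordinary clients.
        match-clients { key slave-external; any; };
        allow-transfer { key slave-external; };
        # external zones ...
};

# ---- slave named.conf on 192.168.1.224 (sketch) ----
include "/etc/transfer-internal.key";
include "/etc/transfer-external.key";

view "internal" {
        match-clients { internal-nets; };
        # Sign every request this view sends to the master with the
        # internal key (192.0.2.1 is a placeholder master address).
        server 192.0.2.1 { keys { slave-internal; }; };
        # internal slave zones ...
};

view "external" {
        match-clients { any; };
        # Same master, different key: the master sees slave-external
        # and answers the transfer from its external view.
        server 192.0.2.1 { keys { slave-external; }; };
        # external slave zones ...
};
```

Including the key files and listing a key in allow-transfer only authorizes a signed request; it is the match-clients lists on the master and the per-view server statements on the slave that make the key decide which view answers.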


