Zone transfer failure
Andreas Brandino
ampranti at gmail.com
Wed Oct 17 11:22:48 UTC 2018
Hello all,
I wonder if anyone can help me to find the cause of the problem I am
currently having.
All servers are running on Debian and BIND 9.10.3-P4-Debian.
I have a master server and 4 slaves.
The zone is transfered from the master [ns1] to all slaves [ns3,ns4,ns5 and
ns6].
I am also using TSIG with a different key for each server.
Moreover, the zone file refers to the internal view.
When I change the myzone.com, I always update the serial and I reload the
zone.
The problem:
ns3 and ns4 never get the updated zone file automatically.
On the other hand, ns4 and ns5 always get the updated zone file immediately.
If I initialize the transfer manually from ns3 and ns4, I get no errors.
Here is the config:
NS1 config: (IP 1.1.1.1 - master DNS)
zone "myzone.com" {
type master;
file "/etc/bind/master/myzone.com.INSIDE";
allow-transfer { key ns1ns3_key; key ns1ns4_key; key
ns1ns5_key; key ns1ns6_key; };
also-notify {
3.3.3.3 port 53 key ns1ns3_key;
4.4.4.4 port 53 key ns1ns4_key;
5.5.5.5 port 53 key ns1ns5_key;
6.6.6.6 port 53 key ns1ns6_key;
};
notify explicit;
notify-source 1.1.1.1 ;
};
NS3 config: (IP 3.3.3.3 - transfer fails)
zone " myzone .com" {
file "/etc/bind/master/myzone.com.INSIDE";
type slave;
allow-update { key ns1ns3_key; };
masters { 1.1.1.1; };
allow-notify { 1.1.1.1; };
notify yes;
request-ixfr no;
};
NS5 config: (IP 5.5.5.5, successful transfer)
zone "myzone.com" {
file "/etc/bind/master/myzone.com.INSIDE";
type slave;
allow-update { key ns1ns5_key; };
masters { 1.1.1.1; };
notify yes;
request-ixfr no;
};
Do you see any errors in the above configuration that could cause this
problem?
Best Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20181017/c15b0e12/attachment.html>
More information about the bind-users
mailing list