<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Still trying to figure this out, still am not doing something right. I’m still getting REFUSED when trying to do transfers from Master to Slave. Not sure what I’m doing wrong, so please point out my errors here. I have two views, but neither are getting any transfers so I’ve only included one in the config.<div class=""><br class=""></div><div class="">Here’s my part of my config for Master and Slave:</div><div class=""><br class=""></div><div class="">MASTER (10.233.0.198):</div><div class=""><br class=""></div><div class=""><div class="">key WAN-key {</div><div class=""><div class=""> algorithm hmac-md5;</div><div class=""> secret “FsrWAd2G5saYSd3bOx0mw==";</div><div class=""> };</div><div class=""><br class=""></div><div class="">key LAN-key {</div><div class=""> algorithm hmac-md5;</div><div class=""> secret “4hKGvi4BDswdTD2f1sEE2i==";</div><div class=""> };</div><div class=""><br class=""></div><div class="">acl lan_hosts { key LAN-key; !key WAN-key; 192.168.0.0/16; 10.233.0.0/24; localhost; };</div><div class="">acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16; !10.233.0.0/24; };</div><div class=""><br class=""></div><div class="">include "/etc/rndc.key";</div><div class="">controls {</div><div class=""> inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };</div><div class=""> };</div><div class=""><br class=""></div><div class="">view "LAN” {</div><div class=""><br class=""></div><div class=""><div class="">match-clients { lan_hosts; };</div><div class="">allow-transfer { key LAN-key; };</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span></div><div class="">also-notify { 10.233.0.189 key LAN-key; };</div></div><div class=""> </div><div class=""><div class="">zone “intranet.site" {</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>type slave;</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>masters {</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>10.233.0.198;</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>};</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>file "/var/named/slaves/intranet.site.LAN.hosts";</div><div class=""><span class="Apple-tab-span" style="white-space: pre;"> </span>};</div></div><div class="">}</div></div></div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">SLAVE (10.233.0.189):</div><div class=""><br class=""></div><div class=""><div class="">key WAN-key {</div><div class=""> algorithm hmac-md5;</div><div class=""> secret “FsrWAd2G5saYSd3bOx0mw==";</div><div class=""> };</div><div class=""><br class=""></div><div class="">key LAN-key {</div><div class=""> algorithm hmac-md5;</div><div class=""> secret “4hKGvi4BDswdTD2f1sEE2i==";</div><div class=""> };</div><div class=""><br class=""></div><div class="">acl lan_hosts { key LAN-key; !key WAN-key; 192.168.0.0/16; 10.233.0.0/24; localhost; };</div><div class="">acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16; !10.233.0.0/24; };</div><div class=""><br class=""></div><div class="">include "/etc/rndc.key";</div><div class="">controls {</div><div class=""> inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };</div><div class=""> };</div><div class=""><br class=""></div><div class="">view "LAN” {</div><div class=""><br class=""></div><div class="">match-clients { lan_hosts; };</div><div class=""><br class=""></div><div class=""><div class="">zone “intranet.site" {</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>type slave;</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>masters {</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>10.233.0.198;</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>};</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>file "/var/named/slaves/intranet.site.LAN.hosts";</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>};</div></div><div class="">}</div><div apple-content-edited="true" class="">
<div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><pre class="moz-signature" cols="72"><br class=""></pre></div></div>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On Dec 21, 2016, at 10:59 AM, Asai <<a href="mailto:asai@globalchangemusic.org" class="">asai@globalchangemusic.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html charset=utf-8" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div apple-content-edited="true" class="">Yes, thank you. I think Mark’s link to the article is the proper solution. Thank you for your reply.
</div><div apple-content-edited="true" class=""><br class=""></div>
<br class=""><div class=""><blockquote type="cite" class=""><div class="">On Dec 21, 2016, at 10:55 AM, Matthew Pounsett <<a href="mailto:matt@conundrum.com" class="">matt@conundrum.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><br class=""><div class="gmail_extra"><br class=""><div class="gmail_quote">On 20 December 2016 at 16:45, Asai <span dir="ltr" class=""><<a href="mailto:asai@globalchangemusic.org" target="_blank" class="">asai@globalchangemusic.org</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Greetings,<br class="">
<br class="">
Quick question. Using BIND 9.9.4. I have 2 zones. One for LAN traffic, and one for WAN traffic. My secondary server is transferring the wrong zones, so that my WAN zone has all the A records for my LAN zone.<br class="">
<br class="">
Any insights on this?<br class=""><br class=""></blockquote><div class="">Most likely you've misconfigured your master server such that the slave (secondary) sees the wrong zone when doing zone transfers. But, because you haven't provided any real detail about your configuration, no one is going to be able to provide much in the way of advice about how to fix it.</div><div class=""><br class=""></div><div class="">You should read the article that Mark Andrews linked, and if you still are not able to solve the problem you should return with some details about your setup. </div></div><br class=""></div></div>
</div></blockquote></div><br class=""></div>_______________________________________________<br class="">Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" class="">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br class=""><br class="">bind-users mailing list<br class=""><a href="mailto:bind-users@lists.isc.org" class="">bind-users@lists.isc.org</a><br class="">https://lists.isc.org/mailman/listinfo/bind-users</div></blockquote></div><br class=""></div></body></html>