9.14 -> 9.16 - Slaves zones fail to transfer - dns_request_createvia4() failed: permission denied
Mark Andrews
marka at isc.org
Sun Mar 29 22:00:27 UTC 2020
Stop using a fixed reserved port for transfers.
> On 30 Mar 2020, at 08:55, Karl Pielorz <karl.pielorz at getonline.co.uk> wrote:
>
>
> Hi,
>
> I've recently switched one of our DNS servers from Bind 9.14 to Bind 9.16 - this is under FreeBSD 11.3
>
> The switch seemed to go ok - no errors logged, all the master zones loaded - all the slave zones reloaded, and queries worked until today - where we just got:
>
> named[72036]: zone mydomain.com/IN: expired
>
> And nothing answered for queries for 'mydomain.com' So, wanting a 'quick fix' - I shut down bind, remove the slave zone from disk - and restarted it (thinking it would just pull it in again).
>
> This didn't result in a successful AXFR from the master - and instead just another 'expired' error logged.
>
> Having turned up logging to 'debug' - I seem to be left with:
>
> 22:29:19.116 general: debug 1: soa_query: zone mydomain.com/IN: dns_request_createvia4() failed: permission denied
>
> Anyone know if this is the likely cause of the slave zone not getting AXFR'd - and any idea how I can fix it?
>
> The same config worked under 9.14 - I can't see anything in our config that's 'broken' in 9.16 (and no errors logged) - and I can manually 'dig' the AXFR from the command line - I'm just a bit stumped as to what 'dns_request_createvia4()' failing could mean, and if that's the likely cause.
>
> Regards,
>
> -Karl
> _______________________________________________
> bind-workers mailing list
> bind-workers at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-workers
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-workers
mailing list