We recently decided to create internal and external views for some zones. This worked fine on the master server.
However, on initiating a zone transfer on the slave from the master, it loaded all the zone names I'd created but put exactly the same information into both sets. This information was for the internal view, which is the first one in both named.conf files.

On doing some research I saw mention of needing to configure different slaves for the internal and external views. This mentioned the need for separate IPs. Since I can't just build a new slave server, I instead opted to create an alias IP using the same NIC as the primary IP. Of course the question there is how to force the transfer request to come from the primary IP or the alias IP dependent on which view the zone is in.

Further research suggested use of the transfer-source option in the view to specify the IP to be used to request the transfer. I added this. Also, I already had allow-transfer for the primary IP. I left that in the external view zone entries in named.conf. I then created a separate allow-transfer in the internal view zone entries to use the alias IP.

On checking logs I'm seeing REFUSED from the master in the slave's logs, but I am seeing the slave's alias IP making the request on the master. I don't see the slave's primary IP making requests on the master.

Is what I'm trying to do possible? If not, can someone explain why? Given that I'm restricting the IP allowed to transfer and the IP requesting the transfer, it seems this should be working. At worst it seems it should only have quit working for one view, but it's not working for either one.

If it is possible, can someone let me know how they've achieved it?
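As an added illustration (not part of the original post and not BIND's own code), this Python model shows how a master with views decides a transfer request: the first view whose match-clients accepts the source address is chosen, and only that view's allow-transfer is consulted. The addresses, view layout and function names are constructed assumptions.

```python
import ipaddress

def acl_match(acl, addr):
    """BIND-style address match list: first matching element wins; '!' negates."""
    ip = ipaddress.ip_address(addr)
    for elem in acl:
        negate = elem.startswith("!")
        net = elem.lstrip("!")
        if net == "any" or ip in ipaddress.ip_network(net):
            return not negate
    return False

def select_view(views, src):
    """Return the first view whose match-clients accepts the source address."""
    for view in views:
        if acl_match(view["match_clients"], src):
            return view
    return None

def transfer(views, src):
    """Model a transfer request from src: (view name, rcode) as the master decides."""
    view = select_view(views, src)
    if view is None:
        return (None, "REFUSED")
    ok = acl_match(view["allow_transfer"], src)
    return (view["name"], "NOERROR" if ok else "REFUSED")

# Constructed addresses (documentation range): slave primary IP and alias IP.
PRIMARY, ALIAS = "192.0.2.10", "192.0.2.11"

# Hypothetical master layout where the internal match-clients covers the whole
# subnet, so both slave addresses are answered by "internal".
OVERLAPPING = [
    {"name": "internal", "match_clients": ["192.0.2.0/24"], "allow_transfer": [ALIAS]},
    {"name": "external", "match_clients": ["any"], "allow_transfer": [PRIMARY]},
]

# Same layout, but the slave's primary IP is excluded from "internal" so that
# requests from it fall through to "external".
SEPARATED = [
    {"name": "internal", "match_clients": ["!" + PRIMARY, "192.0.2.0/24"],
     "allow_transfer": [ALIAS]},
    {"name": "external", "match_clients": ["any"], "allow_transfer": [PRIMARY]},
]

if __name__ == "__main__":
    for label, views in (("overlapping", OVERLAPPING), ("separated", SEPARATED)):
        for src in (ALIAS, PRIMARY):
            print(label, src, transfer(views, src))
```

In the overlapping layout the request from the primary IP is answered by the internal view and refused there, even though the external view would have allowed it.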