Re: Zone transfer issues on new domain

Wed, 31 Mar 2010 12:34:23 -0700

TSIG overloaded the NOTAUTH response code to mean "not authorized" instead of its traditional meaning of "not authoritative".
I'm thinking that the root cause here is a TSIG validation issue that's being misreported as "not authoritative" because a "generic" error-printing routine is being used, and it only knows one way to represent NOTAUTH. 


Of course, it's easy to check whether a nameserver considers itself 
authoritative for a given zone -- just do a query and check for the 
presence/absence of the AA bit...



                                                                        
                                                - Kevin


On 3/31/2010 7:48 AM, Lear, Karen (Evolver) wrote:

To clarify, I added this to the named.conf on the slave:

};
zone "usptoenews.gov" {
         type slave;
         file "secondaries/db.usptoenews";
         masters { 10.240.6.50; };
};

________________________________
From: Lear, Karen (Evolver)
Sent: Wednesday, March 31, 2010 7:25 AM
To: Sten Carlsen; bind-users@lists.isc.org
Subject: RE: Zone transfer issues on new domain

I added it to the named.conf on the slave.  Shouldn't it create its own 
db.usptoenews file under the secondaries directory?
________________________________
From: bind-users-bounces+karen.lear=uspto....@lists.isc.org 
[bind-users-bounces+karen.lear=uspto....@lists.isc.org] On Behalf Of Sten 
Carlsen [st...@s-carlsen.dk]
Sent: Tuesday, March 30, 2010 9:26 PM
To: bind-users@lists.isc.org
Subject: Re: Zone transfer issues on new domain

Did you add it to the slaves configuration? It does not get automagically 
added; so the slave gets a notify on a zone it can not serve as it is not in 
its config.

On 31/03/10 2:14, Lear, Karen (Evolver) wrote:
Can you tell me why I’m getting the message below on my slave server after 
adding a master zone on the master server for usptoenews.gov:

[kl...@dns2 logs]$ grep enews activity.log
30-Mar-2010 17:17:45.484 notify: notice: client 10.240.6.50#10738: received 
notify for zone 'usptoenews.gov': TSIG 'ns1-ns2.uspto.gov': not authoritative
30-Mar-2010 17:22:47.335 notify: notice: client 10.240.6.50#62593: received 
notify for zone 'usptoenews.gov': TSIG 'ns1-ns2.uspto.gov': not authoritative

email:   karen.l...@uspto.gov<mailto:karen.l...@uspto.gov>



_______________________________________________
bind-users mailing list
bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>
https://lists.isc.org/mailman/listinfo/bind-users


--
Best regards

Sten Carlsen

No improvements come from shouting:

        "MALE BOVINE MANURE!!!"

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users





   



_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users






















					Reply via email to