In article <[email protected]>,
Scott Simpson <[email protected]> wrote:
> I'm trying to transfer my two zones "internal" and "external" from master to
> slave using two IP addresses and it isn't working.
>
> On my master I have:
>
> view "internal" {
> allow-transfer { 192.168.2.1; };
> ...
> view "external" {
> allow-transfer { 192.168.2.12; };
> ...
>
> My slave has two IP addresses 192.168.2.1 and 192.168.2.12 (I used a
> secondary
> IP address on the card). On the slave I have
>
> view "internal" {
> transfer-source 192.168.2.1;
> ...
> view "external" {
> transfer-source 192.168.2.12;
> ...
>
> When I try to transfer the domain "external", I get a permission denied on
> the
> master. I know that the slave is using the correct transfer-source IP address
> because I did a tcpdump and it shows the correct address for the two
> transfers.
>
> Interestingly, if I switch the "internal" and "external" stanzas on the
> master, I get "external" only and not "internal". What gives? Thanks.
> Scott
Do the transfer sources match the match-clients options of the two
views? When a connection arrives, it's first associated with a view
using this option. Then when the request turns out to be a zone
transfer it further checks it against the allow-transfer option.
--
Barry Margolin, [email protected]
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
