Greetings,
Upgraded today from BIND 9.2.4 to BIND 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1.
Pretty much copied the named.conf file from one to the other.
We are a slave for a three other sites, two I download the zones OK, one I
get REFUSED since the upgrade.
I thought permissions or config error on my side but have not found anything
yet.
Sniffer trace shows my server requesting:
Question Section: Type = Transfer of entire zone of authority (AXFR.252)
and remote master replying
Response code = Refused (5)
Shooting in the dark, I stopped signing my zone and took out;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
but no change.
Could it be a miss-configure on my side to have the master refuse to allow a
zone transfer? I ask the remote zone admin if they could check but have not
heard back yet. I just have a hard time understanding how my upgrade would
have their zone refuse to transfer to the same IP address and FQDN.
RCODE (5)
Refused - The name server refuses to
perform the specified operation for
policy reasons. For example, a name
server may not wish to provide the
information to the particular requester,
or a name server may not wish to perform
a particular operation (e.g., zone
transfer) for particular data.
thanks!
jim
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
