Still trying to figure this out, still am not doing something right. I’m still
getting REFUSED when trying to do transfers from Master to Slave. Not sure
what I’m doing wrong, so please point out my errors here. I have two views,
but neither are getting any transfers so I’ve only included one in the config.
Here’s my part of my config for Master and Slave:
MASTER (10.233.0.198):
key WAN-key {
algorithm hmac-md5;
secret “FsrWAd2G5saYSd3bOx0mw==";
};
key LAN-key {
algorithm hmac-md5;
secret “4hKGvi4BDswdTD2f1sEE2i==";
};
acl lan_hosts { key LAN-key; !key WAN-key; 192.168.0.0/16; 10.233.0.0/24;
localhost; };
acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16; !10.233.0.0/24; };
include "/etc/rndc.key";
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
view "LAN” {
match-clients { lan_hosts; };
allow-transfer { key LAN-key; };
also-notify { 10.233.0.189 key LAN-key; };
zone “intranet.site" {
type slave;
masters {
10.233.0.198;
};
file "/var/named/slaves/intranet.site.LAN.hosts";
};
}
SLAVE (10.233.0.189):
key WAN-key {
algorithm hmac-md5;
secret “FsrWAd2G5saYSd3bOx0mw==";
};
key LAN-key {
algorithm hmac-md5;
secret “4hKGvi4BDswdTD2f1sEE2i==";
};
acl lan_hosts { key LAN-key; !key WAN-key; 192.168.0.0/16; 10.233.0.0/24;
localhost; };
acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16; !10.233.0.0/24;
};
include "/etc/rndc.key";
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
view "LAN” {
match-clients { lan_hosts; };
zone “intranet.site" {
type slave;
masters {
10.233.0.198;
};
file "/var/named/slaves/intranet.site.LAN.hosts";
};
}
> On Dec 21, 2016, at 10:59 AM, Asai <a...@globalchangemusic.org> wrote:
>
> Yes, thank you. I think Mark’s link to the article is the proper solution.
> Thank you for your reply.
>
>
>> On Dec 21, 2016, at 10:55 AM, Matthew Pounsett <m...@conundrum.com
>> <mailto:m...@conundrum.com>> wrote:
>>
>>
>>
>> On 20 December 2016 at 16:45, Asai <a...@globalchangemusic.org
>> <mailto:a...@globalchangemusic.org>> wrote:
>> Greetings,
>>
>> Quick question. Using BIND 9.9.4. I have 2 zones. One for LAN traffic,
>> and one for WAN traffic. My secondary server is transferring the wrong
>> zones, so that my WAN zone has all the A records for my LAN zone.
>>
>> Any insights on this?
>>
>> Most likely you've misconfigured your master server such that the slave
>> (secondary) sees the wrong zone when doing zone transfers. But, because you
>> haven't provided any real detail about your configuration, no one is going
>> to be able to provide much in the way of advice about how to fix it.
>>
>> You should read the article that Mark Andrews linked, and if you still are
>> not able to solve the problem you should return with some details about your
>> setup.
>>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
