In article <mailman.1036.1488476919.74444.bind-us...@lists.isc.org>,
Ben Croswell <ben.crosw...@gmail.com> wrote:
> Ensure that the allow-query clause on the master includes the slave. If the
> slave can't query for the SOA on the zone it can't do an xfer.
But it will be a different error than "Not authoritative".
He has no "allow-query" option, so it defaults to allowing everyone to
query. Which is normal for a non-hidden master.
>
> On Mar 2, 2017 6:34 AM, "Xavier Humbert" <xavier.humb...@ac-nancy-metz.fr>
> wrote:
>
> > The whole configuration, comments removed :
> >
> > -------------- Master ------------------
> > acl my-slaves {
> > any; // DEBUG
> > };
> >
> > acl my-clients {
> > any; // DEBUG
> > };
> >
> > options {
> > // IP config
> > listen-on port 53 {172.29.16.135; 127.0.0.1; };
> > listen-on-v6 port 53 {none; };
> >
> > // Paths
> > directory "/var/named";
> > dump-file "/var/named/data/cache_dump.db";
> > statistics-file "/var/named/data/named_stats.txt";
> > memstatistics-file "/var/named/data/named_mem_stats.txt";
> >
> > // Behaviour
> > recursion no;
> > allow-transfer { my-slaves; };
> > };
> >
> > // rndc key
> > include "/etc/rndc.key";
> >
> > controls {
> > inet 127.0.0.1 port 953
> > allow { 127.0.0.1; } keys { "rndc-key"; };
> > };
> >
> > // Logging
> > // omitted
> >
> > zone "in.acv.orion.education.fr" {
> > type master;
> > file "/etc/named/internal/in.acv.orion.education.fr.db";
> > allow-transfer {my-slaves; };
> > };
> >
> > -------------- Slave ------------------
> > acl my-clients {
> > localhost;
> > any; //DEBUG
> > };
> >
> > options {
> > // IP config
> > listen-on port 53 {172.29.16.133; 127.0.0.1; };
> > listen-on-v6 port 53 {none; };
> >
> > // Paths
> > directory "/var/named";
> > dump-file "/var/named/data/cache_dump.db";
> > statistics-file "/var/named/data/named_stats.txt";
> > memstatistics-file "/var/named/data/named_mem_stats.txt";
> >
> > // Behaviour
> > recursion no;
> > allow-update { 172.29.16.135; };
> > allow-transfer { 172.29.16.135; };
> >
> > };
> >
> > // rndc key
> > include "/etc/rndc.key";
> >
> > // Logging
> > // Omitted
> >
> > zone "in.acv.orion.education.gouv.fr" {
> > type slave;
> > file "/etc/named/in.acv.orion.education.gouv.fr.db";
> > masters {172.29.16.135; };
> > };
> > zone "." IN {
> > type hint;
> > file "named.ca";
> > };
> >
> > include "/etc/named.rfc1912.zones";
> > include "/etc/named.root.key";
> >
> > ------------------------------------------------------------------
> >
> > Really, reall basic !
> > Thanks
> >
> > --
> > Xavier Humbert
> > CRT Supervision et Exploitation de Niveau 1
> > Rectorat de Nancy-Metz
> > 03 83 86 27 39
> >
> >
> >
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > unsubscribe from this list
> >
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >
--
Barry Margolin
Arlington, MA
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
