Am 23.02.2016 um 18:48 schrieb Darcy Kevin (FCA):
Let's be transparent here: reverse lookups are not a formal requirement, and,
if I'm not mistaken, not even officially published as a Best Practice. Many
folks don't bother with them.
but most network services are doing reverse lookups and c
- Kevin
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Mark Andrews
Sent: Monday, February 22, 2016 9:32 PM
To: David Li
Cc: BIND Users
Subject: Re: A Zone T
7fd::1#53
> >> Feb 22 15:27:38 dli-centos7 named[2170]: error (network unreachable)
> >> resolving 'node2/A/IN': 2001:dc3::35#53
> >> Feb 22 15:27:38 dli-centos7 named[2170]: error (network unreachable)
> >> resolving 'node2/A/IN': 2001:7fe::5
gt; resolving 'node2/A/IN': 2001:7fe::53#53
>> Feb 22 15:27:38 dli-centos7 named[2170]: error (network unreachable)
>> resolving './NS/IN': 2001:dc3::35#53
>> Feb 22 15:27:38 dli-centos7 named[2170]: error (network unreachable)
>> resolving './NS/
>>
os7 named[2170]: error (network unreachable)
> resolving './NS/IN': 2001:dc3::35#53
> Feb 22 15:27:38 dli-centos7 named[2170]: error (network unreachable)
> resolving './NS/
>
>
> I don't have a zone file that have these records defined. Any idea?
>
>
ts.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of David Li
Sent: Monday, February 22, 2016 6:48 PM
To: BIND Users
Subject: Re: A Zone Transfer Question
Barry and others:
Thanks for the help!
It's my bad that the slave zone's subnet range was missing from allow-query. I
als
> --
>
> Message: 3
> Date: Fri, 19 Feb 2016 21:25:43 -0500
> From: Barry Margolin
> To: comp-protocols-dns-b...@isc.org
> Subject: Re: A Zone Transfer Question
> Message-ID:
>
> In article ,
> David Li wrote:
>
>> Hi John,
>&g
On 02/19/2016 08:04 PM, John Miller wrote:
In the case of dynamic updates, one NS record might actually be
better: there's no worrying about update forwarding between slave and
master.
It's been my painful experience that (particularly Windows) clients send
dynamic DNS updates to the MNAME lis
Am 20.02.2016 um 04:04 schrieb John Miller:
Will a zone even load with zero NS records? It's not something I've
ever tried, though probably should for grins
no, bind won't start at all
signature.asc
Description: OpenPGP digital signature
___
Ple
On Fri, Feb 19, 2016 at 9:26 PM, Barry Margolin wrote:
> In article ,
> John Miller wrote:
>
>> And if you actually want people to use your zone or you want NOTIFY
>> working, two NS records (and possibly glue) are really a must.
>
> He mentioned that these are internal nameservers, they're not
In article ,
John Miller wrote:
> And if you actually want people to use your zone or you want NOTIFY
> working, two NS records (and possibly glue) are really a must.
He mentioned that these are internal nameservers, they're not reached
via public delegation. So NS records are probably irrelev
In article ,
David Li wrote:
> Hi John,
>
> Well, I was wrong about the log. I did find some info about why zone
> transfer failed. On one server running zone rack1.com, I see:
>
> Feb 19 16:04:27 dli-centos7 named[13882]: client 10.4.3.101#20745
> (rack1.com): query 'rack1.com/SOA/IN' denied
bind-users-boun...@lists.isc.org] On Behalf Of David Li
Sent: Friday, February 19, 2016 7:09 PM
To: John W. Blue
Cc: BIND Users
Subject: Re: A Zone Transfer Question
Hi John,
Well, I was wrong about the log. I did find some info about why zone transfer
failed. On one server running zone rack1.com, I see
gt;
> From: "John W. Blue"
> Sent: Feb 19, 2016 1:17 PM
> To: David Li
>
> Cc: BIND Users
> Subject: Re: A Zone Transfer Question
>
> Nothing in the logs, eg? Well so much for getting an easy resolution. :D
>
> If you trust your conf files and logs are
Regardless of how NOTIFY's behaving (it's a nice-to-have, not a must),
you need to make sure zone transfers from master to slave are working.
If you can run
dig @10.4.1.101 rack1.com AXFR
from your slave, then zone transfers of rack1.com are working from
master to slave, and your issue lies somew
As pointed out previously, however, with a 1-minute REFRESH, NOTIFY is pretty
much a non-issue.
- Kevin
-Original Message-
From: Darcy Kevin (FCA)
Sent: Friday, February 19, 2016 4:25 PM
To: BIND Users
Subject: RE: A Zone Transfer Question
How
7;s presumably the master...
- Kevin
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of David Li
Sent: Friday, February 19, 2016 3:56 PM
To: John Miller
Cc: BIND Users
Sub
Hi John,
Sorry I missed the options. I attached them below.
I didn't have allow-transfer, allow-notify and also-notify. I only
have allow-query. I read somewhere that NOTIFY is automatic for all
slave zones. Is this the problem?
For VM1 named.conf
options {
directory "/var/named";
al
Hi David,
Something I'm not seeing in your config is an options {} block that
lays out your defaults for allow-transfer, allow-notify, also-notify,
etc. Those are important things to know when it comes to
troubleshooting zone transfer issues. Unless you've got a specific
reason for not doing so,
thing of that nature.
- Kevin
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of John W. Blue
Sent: Friday, February 19, 2016 2:19 PM
To: David Li
Cc: BIND Users
Subject: Re: A Zone Transfer Question
"kick off" as in update the zone and not
In article ,
David Li wrote:
> Hi John,
>
> Here are the files. They are all internal zones without any references
> to external name servers.
The zones should have NS records that list the slave servers, or you
should have an "also-notify" statement in the master's named.conf.
Although with
"kick off" as in update the zone and not by using dig.
John
Sent from Nine<http://www.9folders.com/>
From: "John W. Blue"
Sent: Feb 19, 2016 1:17 PM
To: David Li
Cc: BIND Users
Subject: Re: A Zone Transfer Question
Nothing in the logs, eg? Well so much for getting a
eth0 -n port domain
Kick off a transfer and see what happens.
John
Sent from Nine<http://www.9folders.com/>
From: David Li
Sent: Feb 19, 2016 1:04 PM
To: John W. Blue
Cc: BIND Users
Subject: Re: A Zone Transfer Question
Hi John,
Nothing in the /var/log/messages indicates transfer proble
; You can get started by checking your log files to see if named is
> complaining about anything it might not like that is preventing the
> transfer.
>
> John
>
> Sent from Nine
>
> From: David Li
> Sent: Feb 19, 2016 10:46 AM
> To: BIND Users
> Subject: A Zone Transf
Hi John,
Here are the files. They are all internal zones without any references
to external name servers.
VM1:
named.conf:
-
#
# master (on VM1)
#
zone "rack1.com" {
type master;
file "/var/named/db.rack1.com";
allow-update { key rndc-key-rack1; }; # For DHCP dynami
Hello David,
You can get started by checking your log files to see if named is complaining
about anything it might not like that is preventing the transfer.
John
Sent from Nine<http://www.9folders.com/>
From: David Li
Sent: Feb 19, 2016 10:46 AM
To: BIND Users
Subject: A Zone Tr
On Fri, Feb 19, 2016 at 11:45 AM, David Li wrote:
> This is my first time to try master slave configuration. Here is a
> brief description:
>
> I have two Centos 7.1 VMs - each is configured for a zone. VM1 is the
> master for zone1 and slave for zone2. VM2 is master for zone2 and
>
This is my first time to try master slave configuration. Here is a
brief description:
I have two Centos 7.1 VMs - each is configured for a zone. VM1 is the
master for zone1 and slave for zone2. VM2 is master for zone2 and
slave for zone1. Both zones uses DNS Dynamic Update from DH
28 matches
Mail list logo
