ispCP - Board - Support
Bind setup to allow transfers - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: Bind setup to allow transfers (/thread-11394.html)



Bind setup to allow transfers - NIIcK - 08-14-2010 06:37 PM

Hello,

I know this has been discussed over and over again but I have failed to find a solution to the issue.

To me there is no point in having domains hosted that will only relay on a single master server or on two name servers on the same subnet therefore, if a solution has been found to this issue please help us, the rest of the community Smile

The issue is I can add manual slave entries on a bind server then instruct it to download the zone from a Bind ispCP configured server but all the requests fail with connection refused or permission denied, regardless of what I have added in the named.conf file or the named.conf.options file. I have added:

In the named.conf on each zone
Code:
allow-transfer { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );
notify YES;
also-notify { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );
with no success. I get the permission denied message.

In named.conf.options
Code:
allow-transfer { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );
also-notify { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );
and I get the same error from the bind ispCP master as above.

I have added the above in both named.conf and named.conf.options ... same result.

In the end, is there a way to set the ispCP bind to allow transfers from slave name servers?

Thank you,

Nick


RE: Bind setup to allow transfers - kilburn - 08-15-2010 11:35 AM

Well... you are giving the solution yourself. Adding an "allow-transfer" directive to named.conf.options is working properly for me.... Just make sure to restart bind afterwards (make sure to kill all named processes, because sometimes it hands when restarting, leaving old processes left behind and blocking new transfer tries).


RE: Bind setup to allow transfers - tutux - 11-14-2010 09:41 PM

you have an error in your code:

Code:
also-notify { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );
allow-transfer { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; );

correct code:

Code:
allow-transfer { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; };
also-notify { xxx.xxx.xxx.xxx; yyy.yyy.yyy.yyy; };


RE: Bind setup to allow transfers - ephigenie - 11-15-2010 05:35 AM

... and make sure, that the upstream nameservers are listed in the domain records (at least as secondary .. )

You override it a bit with "also-notify" since normally all "slave" dns servers in terms of all ns servers for a domain are notified, if the zone serial changes ...