[Fwd: Re: [Pdns-users] AXFR in 2.9.8 version]
Ian R. Justman
ianj at ian-justman.com
Fri Jul 18 00:42:57 UTC 2003
I meant to send this to the entire list as well so everyone can benefit.
--Ian.
-------- Original Message --------
Subject: Re: [Pdns-users] AXFR in 2.9.8 version
Date: Thu, 17 Jul 2003 17:41:43 -0700
From: Ian R. Justman <ianj at ian-justman.com>
To: Vinicius Correa <vcorrea at plugin.com.br>
References: <019801c34bd0$7c900580$2701a8c0 at plugin.local>
<1058428046.1993.20.camel at vaio.diederik.nl>
<006601c34c69$0304a920$2701a8c0 at plugin.local>
Vinicius Correa wrote:
> Hi there!
>
> Now I'm using 2.9.10 but i'm having another problem... The secondary
> nameserver doesn't start AXFR. Follow the message in the log:
>
> Received valid NOTIFY for "domain" (id=1) from master "master dns":
> 200212270 > 200212251
>
> And the AXFR does not start!
>
> When I use the 2.9.10 in primary nameserver and the 2.9.8 in
> the secondary nameverser it works!
>
> Whats is happening? I'm using the same configuration file!
>
> What is wrong?
I am told that the disable-xfer configuration item does not entirely work
as intended. I have to put in:
disable-axfr=yes
in my pdns.conf file for zone transfers to work at all.
With this line and without any allow-axfr-ips= lines, it will permit zone
transfers from anywhere.
If you want to restrict zone transfers to certain IPs, be sure to insert an
"allow-axfr-ips=(ips here, comma-delimited)" line. AXFRs are denied from
anywhere else.
Hope this helps.
--Ian.
More information about the Pdns-users
mailing list