[Pdns-users] AXFR chunk error: Server Not Authoritative for zone / Not Authorized
a b
tripivceta at hotmail.com
Sun Sep 6 14:11:26 UTC 2015
> Yes. and I ment ALLOW-AXFR-FROM. You can use
>
> pdnssec set-meta
>
> Command to set this value.
That is good to know, thank you.
# pdnssec set-meta ALLOW-AXFR-FROM '0.0.0.0/0'
Unable to set meta for 'ALLOW-AXFR-FROM'
It appears that "set-meta" is not documented in the 3.4.5's pdnssec manual page, so I am not sure what to put in there.
Does using the pdnssec command imply that I have to configure NSSEC?
Meanwhile, I discovered that if I set:
allow-axfr-ips=0.0.0.0/0
in pdns.conf, the AXFR semantics work as in pdns_server 3.1.
This seems odd, because a recursive diff between 3.1 and 3.4.5 comes up with the following:
--- pdns-3.4.1/pdns/common_startup.cc Tue Oct 28 13:51:22 2014
+++ pdns-3.4.5/pdns/common_startup.cc Tue Jun 9 14:29:04 2015
...
...
...
- ::arg().set("slave-cycle-interval","Reschedule failed SOA serial checks once every .. seconds")="60";
+ ::arg().set("allow-notify-from","Allow AXFR NOTIFY from these IP ranges. If empty, drop all incoming notifies.")="0.0.0.0/0,::/0";
+ ::arg().set("slave-cycle-interval","Schedule slave freshness checks once every .. seconds")="60";
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20150906/c020cd0b/attachment-0001.html>
More information about the Pdns-users
mailing list