[Pdns-users] Notify being ignored
Remi Gacogne
remi.gacogne at powerdns.com
Thu May 4 10:15:35 UTC 2017
On 05/04/2017 12:09 PM, Fabian A. Santiago wrote:
>> 'allow-notify-from' defaults to '0.0.0.0/0,::/0', which allows
>> everything. Of course additional checks are performed afterwards,
>> like checking if the configuration requires a valid TSIG signature,
>> whether we are authoritative for the domain, that we are not master
>> for it and that the notifications comes from a known master or a
>> super-master.
>>
>> Regards,
>
> But aren't they saying that they have their slaves listed as
> supermasters but are still being ignored?
The 'allow-notify-from' check is performed first, and the other checks
are only performed if the source address of the NOTIFY message is
allowed. So if 'allow-notify-from' doesn't allow your slaves in the
first place, it won't work.
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20170504/533b2ef0/attachment-0001.sig>
More information about the Pdns-users
mailing list