subject:"Re\: Bind master keeps saying it is not authoritative"

Re: Bind master keeps saying it is not authoritative

2017-03-03 Thread Barry Margolin

In article ,
 Ben Croswell  wrote:

> Ensure that the allow-query clause on the master includes the slave. If the
> slave can't query for the SOA on the zone it can't do an xfer.

But it will be a different error than "Not authoritative".

He has no "allow-query" option, so it defaults to allowing everyone to 
query. Which is normal for a non-hidden master.

> 
> On Mar 2, 2017 6:34 AM, "Xavier Humbert" 
> wrote:
> 
> > The whole configuration, comments removed :
> >
> > -- Master --
> > acl my-slaves {
> > any;// DEBUG
> > };
> >
> > acl my-clients {
> > any;// DEBUG
> > };
> >
> > options {
> > // IP config
> > listen-on port 53 {172.29.16.135; 127.0.0.1; };
> > listen-on-v6 port 53 {none; };
> >
> > // Paths
> > directory"/var/named";
> > dump-file   "/var/named/data/cache_dump.db";
> > statistics-file "/var/named/data/named_stats.txt";
> > memstatistics-file "/var/named/data/named_mem_stats.txt";
> >
> > // Behaviour
> > recursion no;
> > allow-transfer{ my-slaves; };
> > };
> >
> > // rndc key
> > include "/etc/rndc.key";
> >
> > controls {
> > inet 127.0.0.1 port 953
> > allow { 127.0.0.1; } keys { "rndc-key"; };
> > };
> >
> > // Logging
> > // omitted
> >
> > zone "in.acv.orion.education.fr" {
> > type master;
> > file "/etc/named/internal/in.acv.orion.education.fr.db";
> > allow-transfer {my-slaves; };
> > };
> >
> > -- Slave --
> > acl my-clients {
> > localhost;
> > any;//DEBUG
> > };
> >
> > options {
> > // IP config
> > listen-on port 53 {172.29.16.133; 127.0.0.1; };
> > listen-on-v6 port 53 {none; };
> >
> > // Paths
> > directory"/var/named";
> > dump-file   "/var/named/data/cache_dump.db";
> > statistics-file "/var/named/data/named_stats.txt";
> > memstatistics-file "/var/named/data/named_mem_stats.txt";
> >
> > // Behaviour
> > recursion no;
> > allow-update{ 172.29.16.135; };
> > allow-transfer{ 172.29.16.135; };
> >
> > };
> >
> > // rndc key
> > include "/etc/rndc.key";
> >
> > // Logging
> > // Omitted
> >
> > zone "in.acv.orion.education.gouv.fr" {
> > type slave;
> > file "/etc/named/in.acv.orion.education.gouv.fr.db";
> > masters {172.29.16.135; };
> > };
> > zone "." IN {
> > type hint;
> > file "named.ca";
> > };
> >
> > include "/etc/named.rfc1912.zones";
> > include "/etc/named.root.key";
> >
> > --
> >
> > Really, reall basic !
> > Thanks
> >
> > --
> > Xavier Humbert
> > CRT Supervision et Exploitation de Niveau 1
> > Rectorat de Nancy-Metz
> > 03 83 86 27 39
> >
> >
> >
> > ___
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > unsubscribe from this list
> >
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >

-- 
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Bind master keeps saying it is not authoritative

2017-03-02 Thread Ben Croswell

Ensure that the allow-query clause on the master includes the slave. If the
slave can't query for the SOA on the zone it can't do an xfer.

On Mar 2, 2017 6:34 AM, "Xavier Humbert" 
wrote:

> The whole configuration, comments removed :
>
> -- Master --
> acl my-slaves {
> any;// DEBUG
> };
>
> acl my-clients {
> any;// DEBUG
> };
>
> options {
> // IP config
> listen-on port 53 {172.29.16.135; 127.0.0.1; };
> listen-on-v6 port 53 {none; };
>
> // Paths
> directory"/var/named";
> dump-file   "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> memstatistics-file "/var/named/data/named_mem_stats.txt";
>
> // Behaviour
> recursion no;
> allow-transfer{ my-slaves; };
> };
>
> // rndc key
> include "/etc/rndc.key";
>
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; } keys { "rndc-key"; };
> };
>
> // Logging
> // omitted
>
> zone "in.acv.orion.education.fr" {
> type master;
> file "/etc/named/internal/in.acv.orion.education.fr.db";
> allow-transfer {my-slaves; };
> };
>
> -- Slave --
> acl my-clients {
> localhost;
> any;//DEBUG
> };
>
> options {
> // IP config
> listen-on port 53 {172.29.16.133; 127.0.0.1; };
> listen-on-v6 port 53 {none; };
>
> // Paths
> directory"/var/named";
> dump-file   "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> memstatistics-file "/var/named/data/named_mem_stats.txt";
>
> // Behaviour
> recursion no;
> allow-update{ 172.29.16.135; };
> allow-transfer{ 172.29.16.135; };
>
> };
>
> // rndc key
> include "/etc/rndc.key";
>
> // Logging
> // Omitted
>
> zone "in.acv.orion.education.gouv.fr" {
> type slave;
> file "/etc/named/in.acv.orion.education.gouv.fr.db";
> masters {172.29.16.135; };
> };
> zone "." IN {
> type hint;
> file "named.ca";
> };
>
> include "/etc/named.rfc1912.zones";
> include "/etc/named.root.key";
>
> --
>
> Really, reall basic !
> Thanks
>
> --
> Xavier Humbert
> CRT Supervision et Exploitation de Niveau 1
> Rectorat de Nancy-Metz
> 03 83 86 27 39
>
>
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Bind master keeps saying it is not authoritative

2017-03-02 Thread Edda


Is this the zone in question?

master:
zone "in.acv.orion.education.fr" {

wrong on slave:
zone "in.acv.orion.education.gouv.fr" {

Regards, Edda




Am 02.03.17 um 12:33 schrieb Xavier Humbert:

The whole configuration, comments removed :

-- Master --
acl my-slaves {
 any;// DEBUG
};

acl my-clients {
 any;// DEBUG
};

options {
// IP config
 listen-on port 53 {172.29.16.135; 127.0.0.1; };
 listen-on-v6 port 53 {none; };

// Paths
 directory"/var/named";
 dump-file   "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";

// Behaviour
 recursion no;
 allow-transfer{ my-slaves; };
};

// rndc key
include "/etc/rndc.key";

controls {
 inet 127.0.0.1 port 953
 allow { 127.0.0.1; } keys { "rndc-key"; };
};

// Logging
// omitted

zone "in.acv.orion.education.fr" {
 type master;
 file "/etc/named/internal/in.acv.orion.education.fr.db";
 allow-transfer {my-slaves; };
};

-- Slave --
acl my-clients {
 localhost;
 any;//DEBUG
};

options {
// IP config
 listen-on port 53 {172.29.16.133; 127.0.0.1; };
 listen-on-v6 port 53 {none; };

// Paths
 directory"/var/named";
 dump-file   "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";

// Behaviour
 recursion no;
 allow-update{ 172.29.16.135; };
 allow-transfer{ 172.29.16.135; };

};

// rndc key
include "/etc/rndc.key";

// Logging
// Omitted

zone "in.acv.orion.education.gouv.fr" {
 type slave;
 file "/etc/named/in.acv.orion.education.gouv.fr.db";
 masters {172.29.16.135; };
};
zone "." IN {
 type hint;
 file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

--

Really, reall basic !
Thanks



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Bind master keeps saying it is not authoritative

2017-03-02 Thread Xavier Humbert

The whole configuration, comments removed :

-- Master --
acl my-slaves {
any;// DEBUG
};

acl my-clients {
any;// DEBUG
};

options {
// IP config
listen-on port 53 {172.29.16.135; 127.0.0.1; };
listen-on-v6 port 53 {none; };

// Paths
directory"/var/named";
dump-file   "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Behaviour
recursion no;
allow-transfer{ my-slaves; };
};

// rndc key
include "/etc/rndc.key";

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};

// Logging
// omitted

zone "in.acv.orion.education.fr" {
type master;
file "/etc/named/internal/in.acv.orion.education.fr.db";
allow-transfer {my-slaves; };
};

-- Slave --
acl my-clients {
localhost;
any;//DEBUG
};

options {
// IP config
listen-on port 53 {172.29.16.133; 127.0.0.1; };
listen-on-v6 port 53 {none; };

// Paths
directory"/var/named";
dump-file   "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Behaviour
recursion no;
allow-update{ 172.29.16.135; };
allow-transfer{ 172.29.16.135; };

};

// rndc key
include "/etc/rndc.key";

// Logging
// Omitted

zone "in.acv.orion.education.gouv.fr" {
type slave;
file "/etc/named/in.acv.orion.education.gouv.fr.db";
masters {172.29.16.135; };
};
zone "." IN {
type hint;
file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

--

Really, reall basic !
Thanks

-- 
Xavier Humbert
CRT Supervision et Exploitation de Niveau 1
Rectorat de Nancy-Metz
03 83 86 27 39




signature.asc
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Bind master keeps saying it is not authoritative

2017-03-02 Thread Tony Finch

Xavier Humbert  wrote:
>
> I'm really lost. I've configured dozens of DNSs with no such problems.
> Did I miss something obvious ?

I can't see anything obvious... Did you obfuscate the zone name so we
can't see if there's a typo?

Tony.
-- 
f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h punycode
Fitzroy, Sole: South or southwest, becoming cyclonic later, 5 to 7, perhaps
gale 8 later. Rough or very rough. Rain or thundery showers. Moderate or good.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Bind master keeps saying it is not authoritative

Re: Bind master keeps saying it is not authoritative

Re: Bind master keeps saying it is not authoritative

Re: Bind master keeps saying it is not authoritative

Re: Bind master keeps saying it is not authoritative

5 matches

Site Navigation

Mail list logo

Footer information