Yes. This is the acl:
acl local { 10.0.1.0/24; 127.0.0.1; };
Thanks,
-
Carlos Eduardo Ribas
2012/7/5 Jan-Piet Mens
> > That's really odd...
>
> I note that on the master zone you have
>
> allow-query { local; };
>
> Does "local" contain the slav
ers
> On 05/07/12 15:34, Carlos Ribas wrote:
>
>> I tried transfer-source before, but this is what happened:
>>
>
> You still need to set "masters { 10.x.x.x; };" on the zone.
>
> Transfer source controls the source IP. Masters controls the destination
>
I tried transfer-source before, but this is what happened:
05-Jul-2012 11:04:53.550 general: info: zone example.com/IN/internal:
refresh: retry limit for master 143.X.X.X#53 exceeded (source 10.0.1.3#0)
Maybe I'm doing something wrong, but this only tells to slave to use its
private IP, but it
Hi,
Yes. That´s the problem. I have this statement defined, but it still
try to connect using the wrong IP. Any ideas?
Regards,
-
Carlos Eduardo Ribas
2012/7/5 Jan-Piet Mens
> > Is it possible to configure my slave to receive zones using an
> > specific i
Hello All,
I´m getting messages like this in the log of my slave:
05-Jul-2012 08:32:48.395 general: info: zone example.com/IN/external:
refresh: retry limit for master 143.X.X.X#53 exceeded (source 0.0.0.0#0)
05-Jul-2012 08:33:47.860 general: info: zone example.com/IN/internal:
refresh: retry lim
Hello all,
I have a server that is authoritative to my domain and is secondary to
four different domains. What is the best way to receive the zones from
master using TSIG? May I have something like this into a view statement?
server 10.0.1.1 { keys hostA-myserver; };
server 10.0.1.2 { keys ho
Because this IP has dnssec enabled and raindrop.us is signed :-)
Regards,
-
Carlos Eduardo Ribas
2012/4/18 Alan Batie
> On 4/18/12 10:46 AM, Carlos Ribas wrote:
>
> > Is your recursive resolver also authoritative for raindrop.us?
> > I
Hello,
Is your recursive resolver also authoritative for raindrop.us? If so,
you will not get the "ad" flag. You can test with DNS-OARC resolver [1]:
# dig +dnssec +multiline @149.20.64.20 raindrop.us
; <<>> DiG 9.7.3 <<>> +dnssec +multiline @149.20.64.20 raindrop.us
; (1 server found)
;; gl
st regards,
-
Carlos Eduardo Ribas
2012/4/5 Mark Andrews
>
> In message <
> cagdn3fe22-rh0gcp3soym5d2snykex7_m7fdhj_kde00y9u...@mail.gmail.com>
> , Carlos Ribas writes:
> > Hello,
> >
> > I'm sending this message to see if I understood t
Hello,
I'm sending this message to see if I understood the meaning of " RFC
1918 response from Internet" message logs. I read the FAQ of Bind [1], but
I have to be honest to say that I'm a litlle bit confused, since English is
not my first language.
I'm using Bind 9.7.3 in a Debian server
Hello,
You're right Mark, thanks. The problem I said yesterday was solved
with the implementation of TSIG as mentioned in
https://www.isc.org/faq/item/182.
What happened was that my slave was receiving zones from the same
master view. I know, my fault! but I hope my error helps you guys
Hello all,
I'm with problems in my dns. Some external clients access my zones
without problem, but others can´t access because they are receiving
internal IP instead of public ones. I'm using views and below is the basic
configuration. Is there something wrong?
acl rede_local { 10.0.1.0/24;
Hello all,
I just want to say thank you for all the responses. Now it works! I
removed the slave zone, but I also had to change the master configuration
to use db.example.br rather than db.example.br.signed, then re-sign the
zone and then back to use db.example.br.signed.
Best regards,
got the old serial number,even after
restart bind. Should I have to disable DNSSEC?
Regards,
-
Carlos Eduardo Ribas
2012/3/26 Chuck Swiger
> On Mar 26, 2012, at 11:30 AM, Carlos Ribas wrote:
> > I accidentally changed the serial number to one bigger tha
Hello all,
I accidentally changed the serial number to one bigger than 32 bits and now
I'm trying to reset the serial number. Following the manual of Bind9 I
tried to add 2147483647 (2ˆ31-1) to the number and reload the server, but
my slave is not updating to the new zone serial number.
Here is w
15 matches
Mail list logo
