Hi folks, I've already configured split DNS for internal-view and external-view. Also already configured the master - slave dns. But i've problem with external-view zone transfer. Based on the logs, the master notify to slave using the public ip, which is not accessible by master to transfering the zone over public ip. Is it possible to transfer zone over local ip for external-view ? Thanks. -- Regards, Adit http://a <http://simplyaddo.web.id>dityahilman.com http://id.linkedin.com/in/adityahilman ym : science2rule
On 02/18/2015 08:17 PM, aditya hilman wrote:> Hi folks, > > I've already configured split DNS for internal-view and external-view. Also > already configured the master - slave dns. > But i've problem with external-view zone transfer. > Based on the logs, the master notify to slave using the public ip, which is > not accessible by master to transfering the zone over public ip. > Is it possible to transfer zone over local ip for external-view ? > > Thanks.Been a while since I did this, but as I recall I had to set up a second local IP address to transfer the external zone files so it could distinguish between the internal and external requests. HTH
On 2/17/2015 11:17 PM, aditya hilman wrote:> I've already configured split DNS for internal-view and external-view. Also > already configured the master - slave dns. > But i've problem with external-view zone transfer. > Based on the logs, the master notify to slave using the public ip, which is > not accessible by master to transfering the zone over public ip. > Is it possible to transfer zone over local ip for external-view ?your master and slaves really should be geographically distributed, so this problem wouldn't come up. -- john r pierce 37N 122W somewhere on the middle of the left coast
Am 18.02.2015 um 08:17 schrieb aditya hilman <aditya.hilman at gmail.com>:> Hi folks, > > I've already configured split DNS for internal-view and external-view. Also > already configured the master - slave dns. > But i've problem with external-view zone transfer. > Based on the logs, the master notify to slave using the public ip, which is > not accessible by master to transfering the zone over public ip. > Is it possible to transfer zone over local ip for external-view ?add to your external view allow-notify { local ip; }; -- LF
Am 18.02.2015 um 12:26 schrieb Leon Fauster <leonfauster at googlemail.com>:> Am 18.02.2015 um 08:17 schrieb aditya hilman <aditya.hilman at gmail.com>: >> Hi folks, >> >> I've already configured split DNS for internal-view and external-view. Also >> already configured the master - slave dns. >> But i've problem with external-view zone transfer. >> Based on the logs, the master notify to slave using the public ip, which is >> not accessible by master to transfering the zone over public ip. >> Is it possible to transfer zone over local ip for external-view ? > > > > add to your external view > > allow-notify { local ip; };sorry - i meant "also-notify" ... -- LF
On 18/02/2015 07:17, aditya hilman wrote:> Hi folks, > > I've already configured split DNS for internal-view and external-view. Also > already configured the master - slave dns. > But i've problem with external-view zone transfer. > Based on the logs, the master notify to slave using the public ip, which is > not accessible by master to transfering the zone over public ip. > Is it possible to transfer zone over local ip for external-view ? > > Thanks. >Hi Adit, If you are not already using TSIG's in your views I suggest you look at this guide http://blog.hudecof.net/posts/2014/02/07/bind9-with-views-and-tsig-axfr.html It shows how to use TSIG's to identify the views so you can slave both of them to the secondary. also you want to add to the options section on the master also-notify { slaves-IP; }; This make it tell the slave to update its zone. Tris ************************************************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmaster at bgfl.org The views expressed within this email are those of the individual, and not necessarily those of the organisation *************************************************************
On Feb 18, 2015 7:43 PM, "Tris Hoar" <trishoar at bgfl.org> wrote:> > On 18/02/2015 07:17, aditya hilman wrote: >> >> Hi folks, >> >> I've already configured split DNS for internal-view and external-view.Also>> already configured the master - slave dns. >> But i've problem with external-view zone transfer. >> Based on the logs, the master notify to slave using the public ip, whichis>> not accessible by master to transfering the zone over public ip. >> Is it possible to transfer zone over local ip for external-view ? >> >> Thanks. >> > > Hi Adit, > > If you are not already using TSIG's in your views I suggest you look atthis guide>http://blog.hudecof.net/posts/2014/02/07/bind9-with-views-and-tsig-axfr.html> It shows how to use TSIG's to identify the views so you can slave both ofthem to the secondary.> > also you want to add to the options section on the master > also-notify { slaves-IP; }; > This make it tell the slave to update its zone. > > Tris > > > ************************************************************* > This email and any files transmitted with it are confidential > and intended solely for the use of the individual or entity to whom theyare addressed. If you have received this email in error please notify postmaster at bgfl.org> > The views expressed within this email are those of the individual, andnot necessarily those of the organisation> ************************************************************* > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosThanks all for the suggestions. I'll check it.