On Wed, Feb 18, 2015 at 7:47 PM, aditya hilman <aditya.hilman at gmail.com> wrote:
>
> On Feb 18, 2015 7:43 PM, "Tris Hoar" <trishoar at bgfl.org> wrote:
> >
> > On 18/02/2015 07:17, aditya hilman wrote:
> >>
> >> Hi folks,
> >>
> >> I've already configured split DNS for internal-view and external-view. Also
> >> already configured the master - slave DNS.
> >> But I've a problem with the external-view zone transfer.
> >> Based on the logs, the master notifies the slave using the public IP, which is
> >> not accessible by the master for transferring the zone over the public IP.
> >> Is it possible to transfer the zone over the local IP for external-view?
> >>
> >> Thanks.
> >>
> >
> > Hi Adit,
> >
> > If you are not already using TSIGs in your views I suggest you look at this guide
> > http://blog.hudecof.net/posts/2014/02/07/bind9-with-views-and-tsig-axfr.html
> > It shows how to use TSIGs to identify the views so you can slave both of them to the secondary.
> >
> > Also you want to add to the options section on the master
> > also-notify { slaves-IP; };
> > This makes it tell the slave to update its zone.
> >
> > Tris
> >
>
> Thanks all for the suggestions.
> I'll check it.
>
Hi folks,
Below are the named.conf and the logs from a zone transfer of the external-view.
Zone transfer for the internal-view is working properly.

named.conf

view "internal-view" {
    match-clients { internal; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # domain zone
    zone "domain.com" {
        type master;
        file "domain.com.internal";
        allow-transfer { 10.xx.xx.xx; 10.xx.xx.xx; };
        notify yes;
        also-notify { 10.xx.xx.xx; 10.xx.xx.xx; };
    };
};
view "external-view" {
    match-clients { any; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    # domain zone
    zone "domain.com" {
        type master;
        file "domain.com.external";
        allow-transfer { 10.xx.xx.xx; 10.xx.xx.xx; };
        notify yes;
        also-notify { 10.xx.xx.xx; 10.xx.xx.xx; };
    };
};

18-Feb-2015 09:00:59.176 notify: debug 2: zone domain.com/IN/external-view: notify to 202.xx.xx.xx#53 failed: timed out

Can I redirect the zone transfer for the external-view to use the local IP 10.xx.xx.xx?
Thanks.
--
Regards,
Adit
http://adityahilman.com
http://id.linkedin.com/in/adityahilman
ym : science2rule
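
Added example, not part of the original thread or the linked guide: a sketch of the per-view TSIG approach Tris suggests, applied to the configuration posted above, with the hint zones omitted for brevity. The key names, secrets, slave file paths and the addresses 10.0.0.1 (master) and 10.0.0.2 (slave) are constructed placeholders; `notify explicit` is an added assumption so that NOTIFY goes only to the also-notify list and not to the addresses taken from the zone's NS records.

```conf
# --- master (10.0.0.1), constructed example ---
key "int-xfer" { algorithm hmac-sha256; secret "REPLACE_WITH_SECRET_1"; };
key "ext-xfer" { algorithm hmac-sha256; secret "REPLACE_WITH_SECRET_2"; };

view "internal-view" {
    # A request signed with the external key must never match this view.
    match-clients { !key ext-xfer; key int-xfer; internal; };
    # Sign everything sent to the slave from this view (NOTIFY included).
    server 10.0.0.2 { keys { int-xfer; }; };
    zone "domain.com" {
        type master;
        file "domain.com.internal";
        allow-transfer { key int-xfer; };
        notify explicit;              # notify only the also-notify list
        also-notify { 10.0.0.2; };
    };
};
view "external-view" {
    match-clients { !key int-xfer; key ext-xfer; any; };
    server 10.0.0.2 { keys { ext-xfer; }; };
    zone "domain.com" {
        type master;
        file "domain.com.external";
        allow-transfer { key ext-xfer; };
        notify explicit;
        also-notify { 10.0.0.2; };
    };
};

# --- slave (10.0.0.2): same two key statements, then ---
view "internal-view" {
    match-clients { !key ext-xfer; key int-xfer; internal; };
    server 10.0.0.1 { keys { int-xfer; }; };   # AXFR requests signed int-xfer
    zone "domain.com" {
        type slave;
        masters { 10.0.0.1; };
        file "slaves/domain.com.internal";
    };
};
view "external-view" {
    match-clients { !key int-xfer; key ext-xfer; any; };
    server 10.0.0.1 { keys { ext-xfer; }; };   # AXFR requests signed ext-xfer
    zone "domain.com" {
        type slave;
        masters { 10.0.0.1; };
        file "slaves/domain.com.external";
    };
};
```

Both transfers then run over the internal addresses, and the key on each request, not the source IP, decides which view answers. Run named-checkconf on both servers after editing, and keep the key statements in a file readable only by named.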