10-15-2001
BIND allows you to explicitly specify which hosts you will allow transfers to. usually you will specify just your secondary nameservers. The syntax is:
xfernets 192.168.0.1&255.255.255.255
Replace 192.168.0.1 with whatever the IP of your seconday server is. All other IP's will be denied. Note that you must follow the syntax exactly (no additional whitespace allowed). Check out the BIND docs for more, or read the "Ask Mr DNS" website which answers just about every DNS-related question you could think of:
http://www.acmebw.com/askmrdns
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Dear all,
Did anyone in this forum know site that offer free DNS zone transfer? if anyon know, please reply my message.
Thanks (0 Replies)
Discussion started by: unknown2205
0 Replies
2. Solaris
Hi,
I have a primary/slave Bind 9 setup running on a Solaris 10 platform. Everything is hunky dorey, except for when I make a zone file change and up the serial the file that is transferred to the slave looses all its comments, and the entries are place in alphabetical order.
I administer many... (1 Reply)
Discussion started by: fulhamfcboy
1 Replies
3. Solaris
I have an old Sun SparcStation 5 that is running Sun OS 5.7, I'm not sure which commands would allow me to obtain the DNS zone transfer settings?
1.) I'm needing to know if the zone transfers are enabled.
2.) If it is enabled, does it transfer to specific servers
3.) If so, how do I go about... (1 Reply)
Discussion started by: Fhistleb
1 Replies
4. Solaris
I have two physical servers, with zones that mount local storage.
We were using "raw device" in the zonecfg to point to a metadevice on the global zone (it was not mounted in the global zone at any point).
It failed to mount on every boot because the directory existed in the zone.
I... (6 Replies)
Discussion started by: BG_JrAdmin
6 Replies
5. Solaris
Hi All ,
I have 2 DNS servers (BIND 9.6.1 -Solaris 10) .Its configured as master ,slave serves .Now i am recieving error messages related to zone transfer in both the servers as mentioned below .
Primar Server
named: client x.x.x.x#40825: transfer of './IN': sending zone data: ran... (1 Reply)
Discussion started by: sandeep.tk
1 Replies
6. Solaris
can some one help me out as it is showing 2 different time zones in global zone and nonglobal zone .In global zone it is showing in GMT while in nonglobal zone i it showing as PDT.
System in running with solaris 10 (3 Replies)
Discussion started by: ravijanjanam12
3 Replies
7. Ubuntu
I have a couple of zone conf files for the BIND server.
There are some records that contains the "IN" statement and some do not.
But anyway this works.
So my question is what this "IN" is intended for?
Here is the zone file example:
ORIGIN .
$ttl 60
example.com. IN SOA ... (4 Replies)
Discussion started by: andriesh
4 Replies
8. UNIX for Advanced & Expert Users
Dear all,
recently, I migrated a solaris zone from one host to another. The zone was inside of a zpool. The zpool cotains two volumes.
I did the following:
host1:
$ zlogin zone1 shutdown -y -g0 -i0 #Zone status changes from running to installed
$ zpool export zone1
host2:
$ zpool... (2 Replies)
Discussion started by: custos
2 Replies
9. Solaris
Hi, hoping someone can help, its been a while since I used Solaris.
After creating a NGZ (non global zone), the NGZ can access the GZ (Global Zone) and the GZ can access the NGZ (using ssh, zlogin)
However, the NGZ cannot access any other netwqork devices, it can't even see the default router
... (2 Replies)
Discussion started by: GazinLincoln
2 Replies
LEARN ABOUT ULTRIX
named-xfer
named-xfer(8) System Manager's Manual named-xfer(8)
Name
named-xfer - pull BIND/Hesiod zones from another server
Syntax
/usr/etc/named-xfer -z zone_to_transfer -f db_file -s serial_no [ -d debug_level ] [ -l debug_log_file ] [ -t trace_file ] [ -p port ] [ -n
] [ -a auth_type.auth_ver ] servers...
Description
The transfer daemon, is a server that is usually run by the daemon, but it can also be run manually with the given arguments. The transfer
daemon runs on a BIND/Hesiod secondary server and pulls BIND/Hesiod zones from a primary server. This daemon is not run by default, nor
can it be started up from
Options
-z zone_to_transfer
This option is required to pull a zone. The zone_to_transfer argument specifies the name of the BIND/Hesiod zone that
the daemon will transfer, for example, dec.com.
-f db_file This option is required to pull a zone. The db_file argument specifies the name of the file into which the pulled zone
information is placed.
-s serial_no This option is required to pull a zone. The serial_no argument should be set to the current serial number of the SOA
record for the zone zone_to_transfer. If serial_no is set to 0, the zone is always pulled.
-d debug_level The debug_level argument sets the debug level and determines the amount of debug information to be displayed.
-l debug_log_file The debug_log_file argument specifies the file that will contain any debug messages from the zone pull.
-t trace_file The trace_file argument specifies the file that will contain a trace from the zone pull.
-p port The port argument specifies the port that will be used instead of the default nameserver port listed in
-n This option must be used when the daemon is running in the network safe mode. It indicates that the zone pull must be
authenticated.
-a auth_type.auth_ver
This option must be used if the daemon is running in the network safe mode. The auth_type argument indicates what type
of authentication to use and the auth_ver argument indicates what version of the authentication type to use. Currently,
the auth_type must be "kerberos" and the auth_ver must be "one".
servers... The servers argument is a list of Internet addresses from which to pull a zone. If the first host cannot be ddreached,
the transfer daemon will try to pull the zone from the next host listed.
See Also
services(5), named(8), kerberos(8krb)
Guide to the BIND/Hesiod Service
Guide to Kerberos
named-xfer(8)