Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] New T2 Server Config

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] New T2 Server Config


Chronological Thread 
  • From: Psilo <dns AT psilo.org>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] New T2 Server Config
  • Date: Thu, 30 Dec 2010 14:41:11 +0100
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=fXT1/W2YDx1zz+rUl41hY2abIkyZ36J11dsQt3VWXMbt+S91rgUE8EmhXrqHA00lAW Pu2cbUOQxkAf+zhdGRkCIs/NqNmpiSv+w8lQlFYSgHi9qvaSeApMbJvXxhbD7a9B5cws Neb1mmBxSfEP4uxGgcKqwVtZL9StBtNl0PaWI=
  • List-archive: <http://lists.darkdna.net/pipermail/discuss>
  • List-id: <discuss.lists.opennicproject.org>

Hello gurus, the config described to slave the dns.opennic.glue zone
doesn't work for me, I get a SERVFAIL response.
I must have missed something, any idea?

2010/12/30 Jeff Taylor <shdwdrgn AT sourpuss.net>:
> Actually I don't think there's any need to allow transfers to anyone OTHER
> than T1/T2 servers, but you'll need to create an ACL for that list.
> However, the only information contained in the zone file is the hostname and
> IP address - the same info that is presented on the wiki page, so allowing
> an axfr in this case does not disclose any information that was not already
> publicly available.
>
>
> On 12/29/2010 05:38 PM, Larry Brower wrote:
>
> Wouldn't it be better to use tsig keys as opposed to allowing anyone to do
> axfr?
>
>
> Connected by MOTOBLURâ„¢ on T-Mobile
>
> -----Original message-----
>
> From: Julian De Marchi <julian AT jdcomputers.com.au>
> To: OpenNIC discussion <discuss AT lists.opennicproject.org>
> Sent: Wed, Dec 29, 2010 16:54:28 CST
> Subject: [opennic-discuss] New T2 Server Config
>
> Heya--
>
> OpenNIC has a requirement that all T2 servers slavethe
> dns.opennic.glue domain. This is to fix some issues that are occuring
> when this domain is not slaved.
>
> The original idea was from Avo, but I never had a chance to update the
> required documentation.
>
> Add this into your config;
>
> zone "dns.opennic.glue" {
> type slave;
> file "/etc/bind/zones/slaves/db.dns.opennic";
> masters { [server IP number]; [server IP number]; [server IP
> number]; };
> notify no;
> allow-transfer { any; };
> };
>
> Sorry for the late info. All documentation for bind has been updated.
> Can someone please visit http://wiki.opennic.glue/Tier2ServerConfig
> and update the config for other breeds of DNS servers?
>
> --julian
> _______________________________________________
> discuss mailing list
> discuss AT lists.opennicproject.org
> http://lists.darkdna.net/mailman/listinfo/discuss
>
> _______________________________________________
> discuss mailing list
> discuss AT lists.opennicproject.org
> http://lists.darkdna.net/mailman/listinfo/discuss
>
>
> _______________________________________________
> discuss mailing list
> discuss AT lists.opennicproject.org
> http://lists.darkdna.net/mailman/listinfo/discuss
>
>




Archive powered by MHonArc 2.6.19.

Top of Page