[Re: 3.0.1 secondary issues.]
Wouter Wijngaards
wouter at NLnetLabs.nl
Tue Sep 19 13:11:47 UTC 2006
And one for the mailing list, there is IP4, IP6 and ip4mappedtoip6.
Some networkd stacks like to ip4map your packets.
Best regards,
Wouter
----- Forwarded message from Wouter Wijngaards <wouter at NLnetLabs.nl> -----
On Tue, Sep 19, 2006 at 09:43:09AM +0200, M??ns Nilsson wrote:
> Hi,
>
> I'm having a number of problems with my NSD 3. I am trying to serve SE, as
> a AXFR client, with the following config file: (some obfuscation
> performed.. )
>
> # for nsdc
> allow-notify: ::1 NOKEY
> allow-notify: 127.0.0.1 NOKEY
>
> The symptoms are that even when I'm manually triggering updates (nsdc
> update) there is no zone update performed. The masters are said to be
> sending notifies.
>
> The only way I can get new zones in is by stopping NSD, and removing old
> data files.
>
> Am I doing anytrhing blatantly wrong?
Nothing in particular but it could be that the OS puts your ip4 addresses
as ip4mapped ip6 addresses. And that you need to allow :ffff::127.0.0.1
access to notify. I have seen this happen on a Solaris IP stack, even if
you send to 127.0.0.1.
This may also apply to the notifies sent by the master.
You could start nsd with -L 2 (only in --enable-checking configured) to
see something happen in the log file. If a valid notify arrives it will be
logged.
If the notify is not allowed, you can see which acls it is testing it against.
Best regards,
Wouter
----- End forwarded message -----
More information about the nsd-users
mailing list