[nsd-users] nsd refusing secondary AXFR
shmick at riseup.net
shmick at riseup.net
Wed Sep 10 12:20:25 UTC 2014
hello,
please can i have some help regarding this
ive setup nsd as primary with NOKEY
my domain registrar secondary DS cannot handle TSIG
my zone file is signed NSEC3SHA1
each time the designated secondary NS requests AXFR, my nsd server sends
REFUSED which i can see from tcpdumps
ive setup debug logging and it reports:
info: axfr for zone example.com. from client 1.2.3.4 refused, no acl matches
ive simply setup it as followed in nsd.conf & no problems with nsd-checkconf
zone:
name: example.com.
zonefile: example.com.signed
notify: 1.2.3.4 at 53 NOKEY
provide-xfr: 1.2.3.4 at 53 NOKEY
server:
ip-address: 4.3.2.1
port: 53
server-count: 1
username: nsd
do-ip4: yes
do-ip6: no
hide-version: yes
identity: ""
ipv4-edns-size: 4096
zonesdir: "/etc/nsd"
zonefiles-check: yes
verbosity: 2
debug-mode: yes
logfile: "/etc/nsd/nsd.log"
its running from debian jessie amd-64
what could it be ?
More information about the nsd-users
mailing list