[nsd-users] Notify refused, no acl matches

Jeroen Koekkoek jeroen at nlnetlabs.nl
Thu Jun 30 07:50:29 UTC 2022


Hi Alexander,

Seems to me the primary is configured correctly as far as notify
messages go. Presumably, the address from which the notify is sent is
different, or perhaps the key doesn't match.

It is probably easiest to use something like ldns-notify to test what
the exact issue is. At least, that's the route I'd take. Don't think
you need to test with actual zone updates, just sent a notify and NSD
will figure out there's no new information once it passes the acl.

- Jeroen


On Wed, 2022-06-29 at 20:48 +0200, Jan-Piet Mens via nsd-users wrote:
> > nsd[202429]: info: zone foo.bar serial [NUMBER HERE] is updated to
> > [NUMBER
> > HERE]
> 
> there is so much obfuscation here, that IMO it's impossible to assist
> you.
> Honestly, now, you're even obfuscating SOA serial numbers?!
> Obfuscation taken
> to a completely new level.
> 
>         -JP
> _______________________________________________
> nsd-users mailing list
> nsd-users at lists.nlnetlabs.nl
> https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users



More information about the nsd-users mailing list