Still not getting this to work just right, refused queries to newly added
zones.
If I config the zone as a master or as a slave it adds with a success from rndc.
Logs show sending notfies as master or completed zone transfer and zone system
file creation if slave.
Query to the newly added zone comes back as refused.
If I run reconfig it will start answering queries, but I'm guessing that is
because its just re-reading the include from new-zone-file. Am I missing
something here?
Dan
On Jul 29, 2010, at 5:33 PM, Dan Durrer wrote:
> Alan,
>
> So is managed.zone.list and zone.list named differently on purpose or is
> that a typo?
>
> Dan
>
> On Jul 29, 2010, at 5:23 PM, Alan Clegg <acl...@isc.org> wrote:
>
>> On 7/29/2010 7:19 PM, Dan Durrer wrote:
>>> Alan,
>>>
>>> I was playing around with your example. I can get it to add the zone
>>> ( that is no rndc errors or syslog messages).
>>>
>>> I see it send notifies for the new zone in my log.
>>>
>>> 29-Jul-2010 23:06:47.063 notify: info: zone exampledomain.com/IN:
>>> sending notifies (serial 12)
>>>
>>> I also added the global option new-zone-file "my_new_zones.dat" and
>>> I see that file being populated with the new zones statements I've
>>> added via rndc.
>>>
>>> The server however responds with a REFUSED for this zone or any
>>> others done via addzone.
>>>
>>> If i take the zone option statement in my_new_zones.dat and apply
>>> them to named.conf and reconfig it resolves just fine. Anyone else
>>> experiencing this?
>>
>> "include" the my_new_zones.dat into your named.conf... my entire
>> named.conf on the sample system reads:
>>
>> ====SNIP====
>> options {
>> directory "/etc/namedb";
>> dnssec-enable yes;
>> dnssec-validation yes;
>> new-zone-file "/etc/namedb/managed.zone.list";
>> key-directory "/etc/namedb/keys";
>> };
>>
>> include "/etc/namedb/zone.list";
>> ====SNIP====
>>
>> Note that the syntax for this set of tools (dynamic zone creation) is a
>> bit in flux and may be completely changed between 9.7.2 and 9.7.3. The
>> functionality will be there, but it might be a bit different in
>> implementation.. (beware!)
>>
>> AlanC
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
