In message <50a58610.8000...@blacklistthisdomain.com>, Silas Cutler writes: > No ACLs in place. > > [SLAVE] > Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN: refresh: > unexpected rcode (REFUSED) from master MASTER#53 (source 0.0.0.0#0) > Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN: Transfer started. > Nov 15 19:13:36 [Redacted] named[21899]: transfer of 'rpz/IN' from > MASTER#53: connected using SLAVE#39164 > Nov 15 19:13:36 [Redacted] named[21899]: transfer of 'rpz/IN' from > MASTER#53: failed while receiving responses: NOTAUTH > Nov 15 19:13:36 [Redacted] named[21899]: transfer of 'rpz/IN' from > MASTER#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.070 > secs (0 bytes/sec) > > [MASTER] > Nov 16 00:12:51 [Redacted] named[32736]: client SLAVE#39164: bad zone > transfer request: 'rpz/IN': non-authoritative zone (NOTAUTH) > Nov 16 00:13:40 [Redacted] named[32736]: client SLAVE#59205: bad zone > transfer request: 'rpz/IN': non-authoritative zone (NOTAUTH)
There is no master/slave zone called "rpz" configured in the "master" server. > On 11/15/12 7:08 PM, Mark Andrews wrote: > > In message <50a582d2.30...@blacklistthisdomain.com>, Silas Cutler writes: > >> Well, the authoritative server can handle the zone file size. However, > >> with the slave makes the request for the zone, I get: > >> > >> refresh: unexpected rcode (REFUSED) > > The slave is making a SOA query to the master and is getting refused as > > as response. I would be checking your acls. Look at the logs on the > > master. > > > >> On 11/15/12 6:59 PM, Mark Andrews wrote: > >>> In message <50a580c1.9080...@blacklistthisdomain.com>, Silas Cutler write > s: > >>>> Good Evening, > >>>> > >>>> I've been doing some DNS RPZ experiments and during my testing I found > >>>> that if a DNS Zone on an Authoritative DNS Server has more then 100k > >>>> elements, it will not replicate to a slave DNS Server. > >>>> > >>>> Do you know if this is a known issue or a PEBKAC related problem? > >>> Given named hosts zones with 10's, if not 100's, of millions of > >>> records it isn't record count. There are no fixed limits, just > >>> what the machines memory can support. > >>> > >>>> Cheers, > >>>> Silas Cutler > >>>> Security Researcher > >>>> _______________________________________________ > >>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs > cr > >> ibe > >>>> from this list > >>>> > >>>> bind-users mailing list > >>>> bind-users@lists.isc.org > >>>> https://lists.isc.org/mailman/listinfo/bind-users > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users