shifted
asked on
BIND: "denied update from ..."
Hello!
I have several domains hosted on my nameservers (BIND 8.x). Everything works fine, except that for one of those domains I have following records in my logfiles (both, on master and on slave):
On master: >>>>>>>>>>>>>
...
Feb 28 10:53:35 nsmaster named[76]: denied update from [s.la.ve.ip].2752 for "mydomain.net" IN
Feb 28 10:53:43 nsmaster named[76]: denied update from [s.la.ve.ip].2758 for "mydomain.net" IN
...
<<<<<<<<<<<<<
On slave: >>>>>>>>>>>>>
...
Feb 28 11:05:14 nsslave named[94]: denied update from [s.la.ve.ip].2759 for "mydomain.net" IN
...
<<<<<<<<<<<<<
Weird, that these messages are only for one domain and in the same time DNS database changes are transfered from master to slave.
Any ideas?
I have several domains hosted on my nameservers (BIND 8.x). Everything works fine, except that for one of those domains I have following records in my logfiles (both, on master and on slave):
On master: >>>>>>>>>>>>>
...
Feb 28 10:53:35 nsmaster named[76]: denied update from [s.la.ve.ip].2752 for "mydomain.net" IN
Feb 28 10:53:43 nsmaster named[76]: denied update from [s.la.ve.ip].2758 for "mydomain.net" IN
...
<<<<<<<<<<<<<
On slave: >>>>>>>>>>>>>
...
Feb 28 11:05:14 nsslave named[94]: denied update from [s.la.ve.ip].2759 for "mydomain.net" IN
...
<<<<<<<<<<<<<
Weird, that these messages are only for one domain and in the same time DNS database changes are transfered from master to slave.
Any ideas?
looks like some windows xp systems are trying register themselves on your dns servers. this is default behaviour for them and it can be disabled.
More a question than an answer, but is [s.la.ve.ip] the name of your slave DNS server? Do you run DHCP on it? Apart from windows and MacOSs, this is the other service which could try to update dns entries. Basically who is s.la.ve.ip?
According to RFC2136 (section 4.4 4.6 and 6, from what I gathered glancing over the rfc), slaves are supposed to forward updates to their master. Hence the duplicate, I suppose.
According to RFC2136 (section 4.4 4.6 and 6, from what I gathered glancing over the rfc), slaves are supposed to forward updates to their master. Hence the duplicate, I suppose.
ASKER
Yes, slave in this case runs although a DHCP server. But the log entry is only for one domain, but on those servers there are several domains.
However, is it possible to turn off this slave desire to forward such updates?
However, is it possible to turn off this slave desire to forward such updates?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
it's the server authoritative indeed ?
Cheers.
Cheers.
shifted:
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.