Strange DNS problem.

M

Misiek

New member
Joined
Feb 11, 2009
Messages
4
Hi all,
New problem appeared.
When i try to add domain thru dns administration it will not add domain and break named.conf :

Jan 14 20:07:22 named[1059366]: /etc/named.conf:103: unknown option 'allow-transfer'
Jan 14 20:07:22 named[1059366]: reloading configuration failed: failure
Jan 14 20:07:22 sh[1103476]: rndc: 'reload' failed: failure
Jan 14 20:07:22 named.service: Control process exited, code=exited status=1
Jan 14 20:07:22 Reload failed for Berkeley Internet Name Domain (DNS).

Last line look like this:

zone "domain.eu" { type master; file "/var/named/domain.eu.db"; };allow-transfer { 79.98.111.111; 51.38.111.111; };

I have no idea what is adding that allow transfer part and why every time I add domain the part of allow trasfer appears
 
looks to me that your named.conf was already broken and after reload you have now an error.
Misiek said:
unknown option 'allow-transfer'
Click to expand...
is this on purpose? do you have external NS server ? syntax is ok ?
should be like :
allow-transfer {1.2.3.4; 7.8.9.0;};
in option section in named.conf
default is:
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;

allow-transfer { none; };
allow-recursion { localnets; };
listen-on-v6 { any; };
notify no;
};
Click to expand...
 
Last edited:
Active8 said:
looks to me that your named.conf was already broken and after reload you have now an error.

is this on purpose? do you have external NS server ? syntax is ok ?
should be like :
allow-transfer {1.2.3.4; 7.8.9.0;};
in option section in named.conf
default is:
Click to expand...
Even if i clean named.conf it is automaticly added later. I have no idea why
 
Is that one of your server IP in allow-transfer ?
Maybe directslave ???

If not your server IP, maybe it's infect with malware.
 
Its not malware. Its adding it by force at the end of named.conf both legit servers but not slaves either way its adding it wrong and named is dying
 
You must log in or register to reply here.
Back
Top