LinuxQuestions.org


alanware 08-04-2016 05:25 PM

NSD zone XFR error "NOT IMPL"
 
I have a master/slave nsd setup and am testing the zone transfer. When I issue
Code:

nsd-control notify example.net
nsd-control notify 3.168.192.in-addr.arpa.

I receive an error message.

Code:

Aug  4 16:47:11 ns2 nsd[22095]: xfrd: zone example.net received error code NOT IMPL from 192.168.3.22
Aug  4 16:47:11 ns2 nsd[22095]: xfrd: zone 3.168.192.in-addr.arpa. received error code NOT IMPL from 192.168.3.22

Primary nsd.conf
Code:

server:
        hide-version: yes
        verbosity: 1
        database: "" # disable database

## bind to a specific address/port
        ip-address: 192.168.3.22
        ip-address: 127.0.0.1@8053

remote-control:
        control-enable: yes

## tsig key

key:
        name: "tsig1.example.net"
        algorithm: hmac-md5
        secret: ""

pattern:
        name: "toslave"
        notify: 192.168.3.23 tsig1.example.net
        provide-xfr: 192.168.3.23 tsig1.example.net
        outgoing-interface: 192.168.3.22

## example forward zone
zone:
        name: "example.net"
        zonefile: "example.net.zone"
        include-pattern: "toslave"

## example reverse zone
zone:
        name: "3.168.192.in-addr.arpa."
        zonefile: "example.net.rev"
        include-pattern: "toslave"

Secondary nsd.conf
Code:

server:
        hide-version: yes
        verbosity: 1
        database: "" # disable database

## bind to a specific address/port
        ip-address: 192.168.3.23
        ip-address: 127.0.0.1@8053

remote-control:
        control-enable: yes

## tsig key

key:
        name: "tsig1.example.net"
        algorithm: hmac-md5
        secret: ""

pattern:
        name: "frommaster"
        allow-notify: 192.168.3.22 tsig1.example.net
        request-xfr: 192.168.3.22 tsig1.example.net
        outgoing-interface: 192.168.3.23

## example.net forward zone
zone:
        name: "example.net"
        zonefile: "example.net.zone"
        include-pattern: "frommaster"

## example.net reverse zone
zone:
        name: "3.168.192.in-addr.arpa."
        zonefile: "example.net.rev"
        include-pattern: "frommaster"


alanware 08-04-2016 05:52 PM

This is on OpenBSD 5.9.

jggimi 08-05-2016 08:50 AM

Maybe I'm misreading, but you have null keys and do not use NOKEY.

alanware 08-05-2016 11:27 AM

I deleted the key before I put it in the post.

alanware 08-05-2016 11:33 AM

To clarify further, I generate the key using the following command.

Code:

( dd if=/dev/urandom of=/dev/stdout count=1 bs=32 | base64 ) > tsig

I just did not want to post my key. I also changed the domain name to something generic.

jggimi 08-05-2016 12:15 PM

Whelp, that was only a guess, and has exhausted my current analytical ability. Sorry.

alanware 08-05-2016 12:26 PM

Thank you for taking the time to post a reply.
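
An added example, not part of any post in this thread: a Python check for the point jggimi raises (an ACL line that names a TSIG key needs a key block with a real secret), plus a comparison of the key definitions in the primary and secondary nsd.conf. The function names and the sample config are constructed for illustration, and the parser assumes the simple `option: value` layout used in the posted configs.

```python
import base64
import binascii

ACL_OPTS = ("notify", "provide-xfr", "allow-notify", "request-xfr")

# Constructed sample: the secondary's key and ACL lines as posted (empty secret).
SAMPLE = """
key:
        name: "tsig1.example.net"
        algorithm: hmac-md5
        secret: ""
pattern:
        allow-notify: 192.168.3.22 tsig1.example.net
        request-xfr: 192.168.3.22 tsig1.example.net
"""

def parse(conf):
    """Return ({key name: its options}, [(ACL option, referenced key name)])."""
    keys, refs, section, cur = {}, [], None, {}
    for raw in conf.splitlines():
        opt, _, val = (p.strip() for p in raw.split("#", 1)[0].partition(":"))
        if opt and not val:  # bare "key:", "pattern:" or "zone:" opens a section
            section, cur = opt, {}
        elif section == "key" and opt:
            cur[opt] = val.strip('"')
            if opt == "name":
                keys[cur[opt]] = cur
        elif opt in ACL_OPTS and val.split()[-1] not in ("NOKEY", "BLOCKED"):
            refs.append((opt, val.split()[-1]))  # last token is the key name
    return keys, refs

def audit(conf):
    """List problems with the TSIG keys that the transfer ACLs reference."""
    keys, refs = parse(conf)
    problems = []
    for opt, name in refs:
        try:
            if name not in keys:
                problems.append(f"{opt}: key {name} is not defined")
            elif not base64.b64decode(keys[name].get("secret", ""), validate=True):
                problems.append(f"{opt}: key {name} has an empty secret")
        except binascii.Error:
            problems.append(f"{opt}: key {name} secret is not valid base64")
    return problems

def keys_differ(primary, secondary):
    """Names of keys whose algorithm or secret differ between the two files."""
    a, b = parse(primary)[0], parse(secondary)[0]
    return sorted(n for n in a.keys() | b.keys() if a.get(n) != b.get(n))
```

Running `audit` on the real files on each host, rather than on a redacted copy, avoids having to paste the secret anywhere.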


All times are GMT -5.