HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Developers' Forum (
-   -   Bind 9.3 - secondary DNS changed behaviour (

martinfst 18th January 2007 18:57

Bind 9.3 - secondary DNS changed behaviour
Have it 'all' running, but I found an error in my syslog file, which I wanted to try to fix first, but I don't know where to look in the php scripts, so I'll post it here for the more experienced developers. :)

The error I have is:

Jan 18 17:24:37 xxxxxx02 named[1041]: zone xxxxx.tld/IN: refused notify from non-master: nn.nn.nn.nn#32780
This is when I restart Bind on the server that runs the secondary DNS server for my domain.

After googling, I think this is caused by a change per Bind 9.3, so pretty recent. I am running 9.3.2. I tried the allow-notify directive with no luck. The only solution that removed the error is to add notify off to the specific section of the slave DNS server, so that it (/etc/bind/named.conf) looks like:

zone "xxxxxx.tld" {
        type slave;
        file "sec.xxxxxx.tld";
        masters { nn.nn.nn.nn; };
        notify no;

I tried to find in the scripts where I could add this as a default addition when creating a new slave, but using 'grep -ir <some identifier string> /root/ispconfig' or grep -ir <some identifier string> /home/admispconfig' did not bring forward a proper hit. May I suggest to add the 'notify off' directive standard to a slave entry?

Edit: added filename of the bind config file, where this directive should be placed.

jnsc 18th January 2007 19:07

If I remember corectly the template file is locates at


martinfst 18th January 2007 21:27

That's exactly it! Thanks. Modified the template and it all works like a charm. Should be easy to implement in the next version of ISPConfig.


<!-- BEGIN DYNAMIC BLOCK: named_slave -->
zone "{DOMAIN}" {
        type slave;
        file "sec.{DOMAIN}";
        masters { {MASTERS}; };
        notify  no;
<!-- END DYNAMIC BLOCK: named_slave -->

Oops, what did I say? No, no! 1st I have to do some work on cert generation of the ispconfig httpd server...........

All times are GMT +2. The time now is 11:39.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.