11-19-2016 02:58 PM
How would it be possible to achieve zone transfers between a master and a slave for an equally named zone in two two views?
Bind documentation suggests to use also-notify with key:
EXAMPLE 3 - Adding a second server / A single server, one common (but different) zone
Basically i don't see how to add "also-notify" stanza beside enabling "add allowed ip addresses to also-notify", let alone add a key.
Currently using NIOS 7.3.10.
Solved! Go to Solution.
11-28-2016 11:19 AM
Could you please provide more information regarding your scenario?
You can use TSIG keys or configure loopback interfaces and then use its IP address to match the correct view between servers. I had a similar scenario with a customer and the view parametrization (using loopback interfaces and configuring match client/destination) was enough to solve my problem. Don't remember using "also-notify"/add allowed IP addresses to "also-notify".. TSIG keys must work well too (and are simpler to implement).
You are using two servers (one master, the other a slave) with two views each... am I right?
11-30-2016 12:54 AM
Actually I've written a support case regarding this issue.
The findings so far, infoblox cannot sent also-notify with TSIG key defined (missing in NIOS, but part of bind 9.9.x for a long time) - effectively notify mechanism cannot work for slave servers that contain same views.
The other way is to lower the zone refresh interval and wait for the slave servers to periodically request AXFR from master. This isn't possible with infoblox as well since DENY TSIG rule cannot be set in the view match clients ACL - also something bind 9.9.x fully supports and is in my perspective a bug in NIOS.
I'm trying to prioritise this issue so it isn't only seen as Request for feature enhancement but have little hope this will be solved anytime soon...
Bumping this thread - I'm encountering the same issue.
I'm running NIOS 8.5.2 and a Linux caching server running Bind 9.11.26.
I have external and internal views with identical zones in each view. I can transfer the external view zone data via dig but not the internal view zone data. Disabling zone transfers on the external zone and enabling on the internal zone results in an AXFR failure. Only when zone transfers are enabled on the external view zone does the transfer work. It's as though dig cannot even see the internal view zone.
I have a ticket open with Infoblox as well - so far no good traction.