On 18/05/2021 03:50, Jack Craig wrote:
i am getting a notauth on my axfr attempt. what i am not seeing is an A ip# for the secondary dns server.

is this missing A record a problem i need to fix for following host cli???

dig @ws.linuxlighthouse.com axfr linuxlighthouse.com

; <<>> DiG 9.11.28-RedHat-9.11.28-1.fc32 <<>> @ws.linuxlighthouse.com axfr linuxlighthouse.com
; (1 server found)
;; global options: +cmd
linuxlighthouse.com. 259200 IN SOA ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021051603 86400 7200 3600000 172800
linuxlighthouse.com. 259200 IN A 108.220.213.121
linuxlighthouse.com. 259200 IN CAA 0 issue "letsencrypt.org"
linuxlighthouse.com. 259200 IN NS ws.linuxlighthouse.com.
linuxlighthouse.com. 259200 IN NS ns2.swbell.net.
ws.linuxlighthouse.com. 259200 IN A 108.220.213.121
www.linuxlighthouse.com. 259200 IN A 108.220.213.121
linuxlighthouse.com. 259200 IN SOA ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021051603 86400 7200 3600000 172800
;; Query time: 1 msec
;; SERVER: 108.220.213.121#53(108.220.213.121)
;; WHEN: Mon May 17 12:43:43 PDT 2021
;; XFR size: 8 records (messages 1, bytes 284)

[jackc@ws ~ $ host -t axfr ns2.swbell.net ws.linuxlighthouse.com
Trying "ns2.swbell.net"
Using domain server:
Name: ws.linuxlighthouse.com
Address: 108.220.213.121#53
Aliases:

Host ns2.swbell.net not found: 9(NOTAUTH)
; Transfer failed.
[jackc@ws ~ $

See "man host". The server to query is the last entry on the line. So, the command should be....

host -t axfr linuxlighthouse.com ns2.swbell.net

But I don't know why you'd want/need to do that.

First off, it would seem to me (and others) that AT&T or SW-Bell or whoever is responsible for making your secondary DNS server hasn't completed the task.

[egreshko@acer ~]$ host ws.linuxlighthouse.com ns2.swbell.net
Using domain server:
Name: ns2.swbell.net
Address: 151.164.11.218#53
Aliases:

Host ws.linuxlighthouse.com not found: 5(REFUSED)

Says as much. It doesn't have the info to complete the request without recursion and that server is set for "no recursion".

Next, even if that server were set up as a secondary server it would normally have "allow-transfer { none; };" for secondary zones. As there should be no need by anyone to request download of whole zones. Especially secondary zones.

It still puzzles me as to why you need to rely on AT&T or SW-Bell to be your secondary. Why don't you just use your registrar as your secondary? You should be able to set that up on your own without help from the outside world. I know my registrar allows this. If I wanted to, I could host the master DNS and let them be slaves. It would make your life so much easier as *everything* would be under your control.

--
Remind me to ignore comments which aren't germane to the thread.
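
Added example, not part of either message: a check on the A-record question from the quoted message, run over the records in the dig output above. An NS target inside the zone needs an A/AAAA record in that zone, while a target outside it (here ns2.swbell.net) has its address published in its own zone. The function names are assumptions of this example.

```python
# Records copied from the dig AXFR output quoted above (trimmed).
AXFR_OUTPUT = """\
;; global options: +cmd
linuxlighthouse.com. 259200 IN SOA ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021051603 86400 7200 3600000 172800
linuxlighthouse.com. 259200 IN A 108.220.213.121
linuxlighthouse.com. 259200 IN CAA 0 issue "letsencrypt.org"
linuxlighthouse.com. 259200 IN NS ws.linuxlighthouse.com.
linuxlighthouse.com. 259200 IN NS ns2.swbell.net.
ws.linuxlighthouse.com. 259200 IN A 108.220.213.121
www.linuxlighthouse.com. 259200 IN A 108.220.213.121
;; XFR size: 8 records (messages 1, bytes 284)
"""


def parse_records(text):
    """Return (owner, rtype, rdata) tuples, skipping dig comment lines."""
    records = []
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[0].startswith(";"):
            continue
        owner, _ttl, _cls, rtype, rdata = parts
        records.append((owner.lower().rstrip("."), rtype.upper(), rdata))
    return records


def check_ns_addresses(text, zone):
    """Map each apex NS target to 'ok', 'missing' or 'out_of_zone'.

    ok: in-zone target with an A/AAAA record in the transfer.
    missing: in-zone target with no address record in the zone.
    out_of_zone: address is published in another zone, nothing to add here.
    """
    zone = zone.lower().rstrip(".")
    records = parse_records(text)
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    result = {}
    for owner, rtype, rdata in records:
        if rtype == "NS" and owner == zone:
            target = rdata.lower().rstrip(".")
            if target != zone and not target.endswith("." + zone):
                result[target] = "out_of_zone"
            else:
                result[target] = "ok" if target in have_addr else "missing"
    return result


if __name__ == "__main__":
    print(check_ns_addresses(AXFR_OUTPUT, "linuxlighthouse.com"))
```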