I have the following layout DNS01 - Master DNS02 - Remote slave DNS03 - Local network slave The master is configured so: acl HLLnetworks { 209.47.176/24; 216.185.71/24; }; options { allow-query { any; }; allow-recursion { HLLnetworks; }; allow-transfer { HLLnetworks; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; query-source address 216.185.71.33; listen-on { 216.185.71.33; }; notify yes; }; The slaves are configured this way (appropriately modified for each ip address: acl HLLnetworks { 209.47.176/24; 216.185.71/24; }; options { allow-query { any; }; allow-recursion { HLLnetworks; }; allow-transfer { HLLnetworks; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; notify no; // this is a slave server query-source address 209.47.176.33; listen-on { 127.0.0.1; }; listen-on { 209.47.176.33; }; forwarders { 216.185.71.33; }; }; Now, what I am seeing on one of the slaves when I change a zone in the master and reload is this: Nov 3 12:47:49 inet06 named[9597]: received notify for zone 'byrnejb.ca' but on the other I see this: Nov 3 12:47:50 inet04 named[18368]: client 216.185.71.27#33829: received notify for zone 'byrnejb.ca' Nov 3 12:47:50 inet04 named[18368]: zone byrnejb.ca/IN: refused notify from non-master: 216.185.71.27#33829 The master configuration for byrnejb.ca is zone "byrnejb.ca" { type master; file "/var/named/masters/byrnejb.ca.hosts"; }; On inet06 the slave zone configuration is: zone "byrnejb.ca" { type slave; masters { 216.185.71.33; }; file "/var/named/slaves/byrnejb.ca.hosts"; }; and on inet04 it is: zone "byrnejb.ca" { type slave; masters { 216.185.71.33; }; file "/var/named/slaves/byrnejb.ca.hosts"; }; Which is, as far as I can see, identical. In any case, the real problem is that neither slave actually transfers the updated zone file and I cannot figure out why not. I have verified that the master zone file serial number is greater than that of the slave zones. So, I have two questions: 1. Why is the source address 216.185.71.27 when the bind named listens on 216.185.71.33 and answers queries from the same address. Admittedly, 216.185.71.33 is a virtual ip hosted on 216.185.71.27 but we have been doing this for over a decade now and I have never seen this behaviour before. 2. Why are the notifies ignored? Again, we have had this set up for over a decade and none of these problems until now, and the only thing that has happened on the dns side of things recently were the CentOS updates last week. I am not a DNS specialist, I set this up several years ago and I am perplexed as to why it is now giving me these difficulties. Any help would be gratefully appreciated. Sincerely, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB@xxxxxxxxxxxxx Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos