Hello,
I run PowerDNS and I'm using the bind backend.
I just did a systemctl status pdns and saw this:
Not really sure how to fix these AXFR of domain 'example.com' denied to 2600:3c02::a.
This is what my /etc/named.conf looks like:
Should these options actually be under the
section? Is that why it's failing?
This is what I have in the pdns.conf file:
I couldn't find an allow-query directive for pdns.conf. Am I doing something wrong?
Thanks!
I run PowerDNS and I'm using the bind backend.
I just did a systemctl status pdns and saw this:
Code:
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' allowed: client IP 2600:3c02::a is in allow-axfr-ips
Jul 18 22:19:37 franklin.example.com pdns[4072]: Not doing AXFR of an NSEC3 narrow zone 'example' for 2600:3c02::a
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' denied to 2600:3c02::a
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' initiated by 45.79.214.181
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' denied: client IP 45.79.214.181 has no permission
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' failed: 45.79.214.181 cannot request AXFR
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' initiated by 2600:3c02::a
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' allowed: client IP 2600:3c02::a is in allow-axfr-ips
Jul 18 22:19:37 franklin.example.com pdns[4072]: Not doing AXFR of an NSEC3 narrow zone 'jetbbs.com' for 2600:3c02::a
Jul 18 22:19:37 franklin.example.com pdns[4072]: AXFR of domain 'example.com' denied to 2600:3c02::a
This is what my /etc/named.conf looks like:
Code:
options {
...
allow-transfer {
104.237.137.10;
65.19.178.10;
75.127.96.10;
207.192.70.10;
109.74.194.10;
2600:3c00::a;
2600:3c01::a;
2600:3c02::a;
2600:3c03::a;
2a01:7e00::a;
};
also-notify {
104.237.137.10;
65.19.178.10;
75.127.96.10;
207.192.70.10;
109.74.194.10;
2600:3c00::a;
2600:3c01::a;
2600:3c02::a;
2600:3c03::a;
2a01:7e00::a;
};
allow-query {
104.237.137.10;
65.19.178.10;
75.127.96.10;
207.192.70.10;
109.74.194.10;
2600:3c00::a;
2600:3c01::a;
2600:3c02::a;
2600:3c03::a;
2a01:7e00::a;
};
...
Code:
zone "example.com" {
...
}
This is what I have in the pdns.conf file:
Code:
allow-axfr-ips=104.237.137.10, 65.19.178.10, 75.127.96.10, 207.192.70.10, 109.74.194.10, 2600:3c00::a, 2600:3c01::a, 2600:3c02::a, 2600:3c03::a, 2a01:7e00::a
also-notify=104.237.137.10, 65.19.178.10, 75.127.96.10, 207.192.70.10, 109.74.194.10, 2600:3c00::a, 2600:3c01::a, 2600:3c02::a, 2600:3c03::a, 2a01:7e00::a
Thanks!