Open lucer opened 4 years ago
N8Solutions
commented
4 years ago @lucer I have an issue open with Plesk right now about this very same topic. I'll update my ticket with Plesk with a link to this issue so they can see it as well.
EDIT: I just noticed you work for Plesk so you may have seen my ticket already.
N8Solutions
commented
4 years ago Just as an FYI here, and also in case this helps others until this issue is resolved: Adding notify-source on the master with the IP Address of the master server solves the issue with the error message refused notify from non-master, adding allow-notify on the Slave did not.
I also added notify & also-notify. So the entries in /etc/named.conf on the Master look like this.
options {
...
notify-source XX.XX.XX.XX; // IP Address of Master
notify explicit; // "explicit" must be accompanied with "also-notify"
also-notify { XX.XX.XX.XX; XX.XX.XX.XX; }; // IP Addresses of the Slave DNS servers
...
} ;On the Slave I did also add allow-notify in the /etc/named.conf
options {
...
allow-notify { XX.XX.XX.XX; }; // List the IP address of the Master server(s). Note: an ACL could be used for this as well if the the slave is used for multiple master servers.
...
};regards
Impact: errors in logs
STR:
Expected results: No errors
Actual results: There are some errors on slave: zone XXXX/IN: refused notify from non-master from secondary server IP
Additional information: Although slave dns server explicitly execute rndc with required source ip, bind itself sends such notifications from any server IP address, because no notify_source is configured on master. The extension should either configure notify_source on master, or configugre allow_notify on slave