Knowledge Base ISC Main Website Ask a Question/Contact ISC
Why is my slave server trying sometimes to use a different source IP address for zone transfers?
Author: Cathy Almond Reference Number: AA-00904 Views: 5092 Created: 2013-05-08 10:54 Last Updated: 2013-05-08 10:54 0 Rating/ Voters

There are several configuration options in named.conf that control which IPv4 and/or IPv6 source addresses are used for the SOA refresh queries and for the zone transfers themselves.  See the Administrator Reference Manual for more details.

The well-known ones are these:

transfer-source - determines which local IPv4 address will be used as the source for both SOA refresh queries and zone transfer requests that need to be made to servers.

transfer-source-v6 - the same as transfer-source, but used when the destination is an IPv6 address.

Less well-known are:

alt-transfer-source - this provides an alternative local IPv4 source address to use if the first one fails.

alt-transfer-source-v6 - the same as alt-transfer-source, but used when the destination is an IPv6 address.

use-alt-transfer-source - defines whether or not named will fall back to using the alternative source addresses when the first attempt at a zone transfer fails.

If you are using views, the configuration option use-alt-transfer-source will default to 'yes'

Administrators using views should ensure that they either configure use-alt-transfer-source no; or that they have appropriate settings for alt-transfer-source and/or alt-transfer-source-v6.

If undefined, named will itself choose the source IPv4 or IPv6 address(es) to use

This applies to both transfer-source and alt-transfer-source (and also to the IPv6 options).  named will usually select the source address that is 'closest' to the remote end.  This can lead to unexpected outcomes - therefore it is best to configure all of these options explicitly to avoid surprises!


© 2001-2017 Internet Systems Consortium

For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.

ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.

Feedback
  • There is no feedback for this article
Quick Jump Menu