Submitted by gnilebein on Thu, 03/23/2017 - 02:36
Hello,
i have this settings in my bind configuration for "Allow transfers from.."
127.0.0.1
localnets
216.218.133.2
2001:470:600::2
But when i create a new server in virtualmin, the new DNS Zone does not user this settings. The "Allow transfers from.." field of the new zone is filled with the IPs behind the records from "Default TTL for DNS records" from the server template.
Best regards, Patrick
Status:
Active
Comments
Submitted by JamieCameron on Thu, 03/23/2017 - 19:21 Comment #1
I'm a bit confused - do you mean IPs from some other template field are being put into the "allow transfer from" field?
Submitted by gnilebein on Fri, 03/24/2017 - 02:34 Comment #2
Yes. Please see this video: https://www.youtube.com/watch?v=TikJMNxD4YY
Submitted by JamieCameron on Fri, 03/24/2017 - 18:05 Comment #3
Thanks for the video .... but this looks like it is working as expected to me. The "allow transfers from" field contains the IPs of all the additional nameservers and the field of the same name in the template.
Submitted by gnilebein on Sat, 03/25/2017 - 01:56 Comment #4
This is not correct. The field only containes the ips from the templeate.
127.0.0.1
localnets
216.66.80.18
2001:470:500::2
216.66.1.2
2001:470:400::2
216.218.132.2
2001:470:300::2
216.218.131.2
2001:470:200::2
The ips from the Zone defaults are not there:
216.218.133.2
2001:470:600::2
Submitted by JamieCameron on Sun, 03/26/2017 - 00:52 Comment #5
Oh, I see - that is expected, as the Zone Defaults are used only when creating a domain in the BIND DNS Server module.
Submitted by gnilebein on Mon, 03/27/2017 - 01:33 Comment #6
Oh. But this could be a problem.
My slave dns provider use ns5.he.net, ns4.he.net, ns3.he.net and ns2.he.net for the zone. But for transfer requests they use slave.dns.he.net. But on this host is no dns server which responds to requests. So i can not add it to the template. I hope you understand my Problem.
Submitted by JamieCameron on Mon, 03/27/2017 - 18:15 Comment #7
Oh, so you want to allow transfers but not add an NS record?
Submitted by gnilebein on Tue, 03/28/2017 - 17:20 Comment #8
Exactly. IIRC the default dns zone settings were added to new zones in the past.
However. This would fix my problem. It would be nice when the settings from the default zone would be used if a zone is created via virtualmin.
Submitted by JamieCameron on Tue, 03/28/2017 - 22:25 Comment #9
I just realized that the options on the "Zone defaults" page aren't a template for new zones - they actually go in the BIND config, and are used by the server when a zone doesn't have an allow-transfer or also-notify block. So it really wouldn't make sense to copy them into a new zone.
Submitted by gnilebein on Wed, 03/29/2017 - 05:25 Comment #10
Ok, But how can we solve the problem?
Submitted by JamieCameron on Wed, 03/29/2017 - 19:35 Comment #11
Right now, there's no clean way to do this in Virtualmin. The only way would be to add an entry for your "internal" nameserver to "Additional manually configured nameservers" , which would never get any queries.