Problem with Bind Zone Defaults

Hello,

I have these settings in my BIND configuration for "Allow transfers from.."

127.0.0.1
localnets
216.218.133.2
2001:470:600::2

But when I create a new server in Virtualmin, the new DNS zone does not use these settings. The "Allow transfers from.." field of the new zone is filled with the IPs behind the records from "Default TTL for DNS records" from the server template.

Best regards, Patrick

Status: Active

Comments

I'm a bit confused - do you mean IPs from some other template field are being put into the "allow transfer from" field?

Thanks for the video .... but this looks like it is working as expected to me. The "allow transfers from" field contains the IPs of all the additional nameservers and the field of the same name in the template.

This is not correct. The field only contains the IPs from the template.

127.0.0.1
localnets
216.66.80.18
2001:470:500::2
216.66.1.2
2001:470:400::2
216.218.132.2
2001:470:300::2
216.218.131.2
2001:470:200::2

The IPs from the Zone defaults are not there:

216.218.133.2
2001:470:600::2

Oh, I see - that is expected, as the Zone Defaults are used only when creating a domain in the BIND DNS Server module.

Oh. But this could be a problem.

My slave DNS provider uses ns5.he.net, ns4.he.net, ns3.he.net and ns2.he.net for the zone. But for transfer requests they use slave.dns.he.net. But on this host there is no DNS server which responds to requests. So I cannot add it to the template. I hope you understand my problem.

Oh, so you want to allow transfers but not add an NS record?

Exactly. IIRC the default DNS zone settings were added to new zones in the past.

However. This would fix my problem. It would be nice if the settings from the default zone were used when a zone is created via Virtualmin.

I just realized that the options on the "Zone defaults" page aren't a template for new zones - they actually go in the BIND config, and are used by the server when a zone doesn't have an allow-transfer or also-notify block. So it really wouldn't make sense to copy them into a new zone.

OK, but how can we solve the problem?

Right now, there's no clean way to do this in Virtualmin. The only way would be to add an entry for your "internal" nameserver to "Additional manually configured nameservers", which would never get any queries.
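
The behaviour discussed in this thread (a zone's own allow-transfer list replaces the options-level list written by "Zone defaults") can be audited across a whole configuration. The following is an added example, not part of the thread and not Virtualmin or Webmin code: it reports, per zone, where the effective transfer ACL comes from and which required secondary addresses it lacks. It assumes a single configuration file (`include` statements and views are not followed), and the function names and sample zones are hypothetical.

```python
import re

# Constructed named.conf: addresses are those quoted in the thread; zone names
# are placeholders.
SAMPLE_CONF = """
options {
    allow-transfer { 127.0.0.1; localnets; 216.218.133.2; 2001:470:600::2; };
};
zone "example.com" {
    type master;
    allow-transfer { 127.0.0.1; localnets; 216.66.80.18; 2001:470:500::2; };
};
zone "example.org" {
    type master;
};
"""

def block_body(text, open_idx):
    """Text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")

def transfer_acl(body):
    """Elements of the allow-transfer list in body, or None if there is none."""
    m = re.search(r"\ballow-transfer\s*\{", body)
    return block_body(body, m.end() - 1).replace(";", " ").split() if m else None

def audit(conf, required):
    """Map zone name -> (where its ACL comes from, required addresses missing)."""
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf, flags=re.S)  # drop comments
    opts = re.search(r"\boptions\s*\{", conf)
    default = transfer_acl(block_body(conf, opts.end() - 1)) if opts else None
    report = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        own = transfer_acl(block_body(conf, m.end() - 1))
        if own is not None:        # a zone-level list replaces the options-level one
            source, acl = "zone", own
        elif default is not None:  # no zone-level list: options-level list applies
            source, acl = "options", default
        else:                      # built-in default applies; not modelled here
            source, acl = "builtin", None
        # Literal match only: an address covered by a CIDR or named ACL is not resolved.
        missing = None if acl is None else [a for a in required if a not in acl]
        report[m.group(1)] = (source, missing)
    return report
```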