[BlueOnyx:20637] Re: DNS query refused for policy reasons
Felix Kaegi
f.kaegi at fairtalk.com
Thu Feb 9 15:38:34 -05 2017
Thanks Michael
The IP addresses of the secondary DNS servers are all listed in the "Zone
Transfer Access by IP Address (optional)", and everything worked and works
well, except for the new vsite. And I can't figure out why it is not working
for this domain. Not just the AXFR transfer is getting a refuse error, but
even a simple DNS query is being refused, whereas for all other vsites my
DNS server is providing the DNS records.
How can I troubleshoot this issue?
Best wishes
Felix
-----Original Message-----
From: Blueonyx [mailto:blueonyx-bounces at mail.blueonyx.it] On Behalf Of
Michael Stauber
Sent: Thursday, February 9, 2017 19:05
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:20636] Re: DNS query refused for policy reasons
Hi Felix,
> However, for this site it is not possible to do a DNS query or AXFR
transfer. The response is:
> RCODE 5
> Refused - The name server refuses to perform the specified operation for
policy reasons.
The Standard-Configuration of Bind on BlueOnyx doesn't allow AXFR transfers
at all. These need to be specifically allowed for certain IP addresses.
Please check in "Server Management" / "Network Services" / "DNS" in the
"Advanced" tab. Make sure the IP address of your secondary DNS server are
added to "Zone Transfer Access by IP Address (optional)".
If the IP is added there, then the 2ndary is allowed to poll your DNS server
for zone transfers via AXFR.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list