# ACL Problem w/named.conf



## AlbyVA (Sep 15, 2012)

In the example below is my zone setup in named.conf. When I have the
ACL's set with allow-query and allow-transfer to (internals/externals)
all my queries and zone transfers fail.  When I change it to (any) everything
works.  

 Do you see anything wrong with my ACL setup?  I'm using BIND 9.8



```
acl internals { 192.168.1.0/24; };
acl externals { 216.218.128.0/17; };

zone "XXXXX.org" {
        type master;
        file "/etc/namedb/master/XXXXX.org";
        allow-query { internals; externals; };
        allow-transfer { internals; externals; };
};
```


----------



## chatwizrd (Sep 15, 2012)

Do you see any errors in /var/log/messages

http://www.zytrax.com/books/dns/ch7/acl.html


----------



## AlbyVA (Sep 16, 2012)

chatwizrd said:
			
		

> Do you see any errors in /var/log/messages
> 
> http://www.zytrax.com/books/dns/ch7/acl.html





 Thank You. That link gave me the tip I was missing.
I just had my setup with the wrong format. Using this format resolved my issue.


```
acl allow {
        216.218.128.0/17;
};

zone "XXXXX.org" {
        type master;
        file "/etc/namedb/master/XXXXX.org";
        allow-query { localnets; allow; };
        allow-transfer { localnets; allow; };
```


----------

