Secondary Authority Problems??

Syed Ali syed at ccrl.nj.nec.com
Thu Aug 24 20:00:40 UTC 2000



Ok, it looks like I got this one figured out.

The DNS error (from sniffing the network) was 5, and it was because of the
virtual interface
that was created on the primary. It was "closer" than the "initial"
interface, but was not
allowing updates because of the acl's. I deleted the "closer virtual"
interface and it works
fine now. (The other option would have been to modify the acl)


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Syed Ali
Sent: Thursday, August 24, 2000 3:10 PM
To: bind-users at isc.org
Subject: RE: Secondary Authority Problems??




Please ignore the named-xfer part, because that works, I had a typo with
ccrl.
It works with ccrl.nj.nec.com as it is supposed to.
But seconday server updates are still not automatic...

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Syed Ali
Sent: Thursday, August 24, 2000 2:56 PM
To: bind-users at isc.org
Subject: Secondary Authority Problems??




We have a primary (ns) and secondary (nis0)  DNS server of our domain
ccrl.nj.nec.com.
We are running BIND 8.2.2 patchlevel 5 on Solaris 7, Sun Ultra 10.

Our secondary has stopped pulling updates from the primary, as such the zone
files are out of sync.

The only way to sync them now is the rm * in the named directory on my
secondary and then restart BIND on the secondary.
I get the following error message when named starts on the secondary.

Aug 24 14:29:49 nis0 named[17617]: starting.  named 8.2.2-P5 Wed Dec 22
19:42:46 EST 1999
Aug 24 14:29:49 nis0    root at nis0:/opt/bind/src/bin/named
Aug 24 14:29:49 nis0 named[17617]: Zone "0.0.127.IN-ADDR.ARPA" (file
db.127.0.0): No default TTL set using SOA minimum instead
Aug 24 14:29:50 nis0 named[17617]: 'allow-{update,transfer}' option for
non-{master,slave} zone ''
Aug 24 14:29:50 nis0 named[17617]: zone '.' did not validate, skipping
Aug 24 14:29:50 nis0 named[17618]: Ready to answer queries.

And when I attempt to manually run a transfer from the secondary (nis0) to
the primary (ns),for any given zone file, as in:

named-xfer -z ccrl -f db.138.15.108 ns

I get an error messages on the secondary in the /var/adm/messages file:

Aug 24 14:30:20 nis0 named-xfer[17626]: [138.15.101.93] not authoritative
for ccrl, SOA query got rcode 0, aa 0, ancount 0, aucount 13

I should mention that someone had accidentally entered a hostname such as
host_name that caused the primary to stop considering itself as
authoritative.
So I had to change that hostname to host-name, and now the primary considers
itself authoritative.
But still the secondary does not update from the primary.
Both primary (ns) and secondary (nis0) have multiple virtual interfaces on
multiple subnets, hopefully that is not a problem.

Thank you,
Syed Ali
(609)951-2989






More information about the bind-users mailing list