BIND 9.1.1rc4 cannot load reverse zones from WindowsNT's DNSand vice versa

Systems systems at buzzcity.com
Thu Mar 15 05:21:07 UTC 2001 

Think you might be right in that Microsoft don't like
to be in situations where they have to play second-fiddle,
in this case, loading zones from BIND server, as
what past postings have similarly suggested.

I have been setting config files since BIND 9.1.0 and things
have been manageable until I start to configure DNS records in
Windows NT. BIND 9 collapse (refused to be DNS servers) after
expiry of any records when it refused to load these new reverse
records from Microsoft DNS.

Microsoft's DNS allow alot of leeway in record format, but will
refuse to restart when any of these records are wrong by it's
own built-in check rules before allowing DNS to start successfully.

The problems originally posted here are resolved when I managed
to restart Microsoft DNS and, either clear or correct all
offending entries from the reverse zone files on Windows NT.

-----Original Message-----
From: Danny Mayer <mayer at gis.net>
To: Systems <systems at buzzcity.com>; bind-users at isc.org <bind-users at isc.org>
Date: Thursday, March 15, 2001 12:59 PM
Subject: Re: BIND 9.1.1rc4 cannot load reverse zones from WindowsNT's DNSand
vice versa


>
>         If you are running Microsoft's DNS on NT 4.0, they don't support
it and in
>   any case you need to ask them these questions.  It you are running
Microsoft's
>   DNS on Win2K then you still need to ask them.
>
>         You didn't show the config file for this zone, however, the master
is refusing
>   the request to transfer the zone.  You probably didn't set it up to
allow zone
>   transfers to the slaves.  Make it the same as the forward zones and it
should
>   work.
>
>                 Danny
>At 02:07 AM 3/13/01, Systems wrote:
>
>>Okay. Here are them (modified to hide sensitive info but, which is
>>irrelevant
>>within the current context):
>>
>>Mar 13 14:17:16 server_B /bin/named[10283]: transfer of
>>'4.3.2.1.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:17:55 server_B /bin/named[10283]: transfer of '123.in-addr.arpa'
>>from
>>1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:18:25 server_B /bin/named[10283]: transfer of
'6.7.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:20:22 server_B /bin/named[10283]: transfer of
'5.7.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:20:36 server_B /bin/named[10283]: transfer of
'4.7.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:21:13 server_B /bin/named[10283]: transfer of
'3.7.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:21:24 server_B /bin/named[10283]: transfer of '2.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:23:16 server_B /bin/named[10283]: transfer of '3.8.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:24:53 server_B /bin/named[10283]: transfer of
>>'0.0.127.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>Mar 13 14:25:32 server_B /bin/named[10283]: transfer of '123.in-addr.arpa'
>>from 1.2.3.4#53: receiving responses: REFUSED
>>
>>I have been observing alot of IPs and ports scanning on my network, that
it
>>is
>>necessary to put on this veil of non-disclosure.
>>
>>-----Original Message-----
>>From: tmaestas at dnsconsultants.com <tmaestas at dnsconsultants.com>
>>To: Systems <systems at buzzcity.com>
>>Cc: bind-users at isc.org <bind-users at isc.org>
>>Date: Tuesday, March 13, 2001 1:51 PM
>>Subject: Re: BIND 9.1.1rc4 cannot load reverse zones from WindowsNT's
DNSand
>>vice versa
>>
>>
>> >
>> > The reason your bind server can not load the zones should
>> > be evident by the errors it is producing in the logs when
>> > it attempts to do so.  Check them out, or post them
>> > here if you don't know what they mean.
>> >
>> >-Tim
>> >
>> >
>> >On Tue, 13 Mar 2001, Systems wrote:
>> >
>> >> After running BIND 9.1.1rc4 for about 4 straight days on two slaves,
both
>>slaves
>> >> now cannot load all reverse zones (in-addr.arpa) from the master
server
>>running
>> >> DNS for Windows NT.  Transfer of forward zones from Windows NT to BIND
9
>> >> is still okay.
>> >>
>> >> Also, it doesn't seem possible to make DNS for Windows NT to load
reverse
>> >> zones from BIND 9.1.1rc4 (didn't try anything else). Is there any
>>incompatibilities
>> >> between them? Microsoft, in its white paper, has stated its compliance
to
>>all the
>> >> necessary  RFCs. Really puzzling, since almost all DNS traffic has
been
>>redirected
>> >> away from  Windows NT, and load on Windows NT server is really very
>>light,
>> >> obvious isn't it?
>> >>
>> >> Thanks in advance for advice.
>> >>
>> >>
>>
>
>
>

More information about the bind-users mailing list