Failed zone transfers

Kevin Darcy kcd at daimlerchrysler.com
Thu Mar 22 22:17:46 UTC 2001


anthony person wrote:

> I receive the error messages of " bad zone transfer request, non-authoritive
> zone (NOTAUTH). I can do the transfers from the nslookup prompt on the
> localhost, but when I try it from the nslookup prompt of another host
> setting my server to that nameserver address it fails with the output of :
> 17.48.47.IN-ADDR.ARPA.         SOA   rtpbind.rtp.arris-i.com
> root.rtpbind.rtp.arris-i.com. (2001031607 10800 3600 604800 86400)
> *** Can't list domain 17.48.47.IN-ADDR.ARPA: Unspecified error

You can only do zone transfers from authoritative hosts, and only if they allow
you to -- zone transfers are allowed to everyone by default, but can be
restricted by "allow-transfer". You should check whether you have any
"allow-transfer" clauses on the servers you are querying, and, if so, whether
the client is permitted to do a zone transfer from that nameserver.

If the machine configured as master is not answering authoritatively, that's
because it didn't load the zone properly, probably because of a syntax error or
the violation of some rule like "CNAME and other data". Check the logs on the
master from load time.


- Kevin



More information about the bind-users mailing list