Err/TO getting serial# !

Éric Allard bind_ml at telusquebec.net
Wed Apr 17 15:48:19 UTC 2002 

Yes, there a firewall on front of my DNS master!
I don't know why but when I do a manual transfer with
the named-xfer command, it doest the transfert. After
that, I have only to do a kill -HUP of the named and
everything is working after it!
Why can I do a manual transfert but the named cannot
by themselve?


At 21:50 2002-04-16 +0000, you wrote:
>In article <a9i448$c5t at pub3.rc.vix.com>,
>=C9ric Allard  <bind_ml at telusquebec.net> wrote:
> >
> >I have 3 DNS, 1 master and 2 slaves. I changed my DNS master
> >for another machine in the same network with the same configuration
> >and then I changed the named.conf of my 2 DNS slaves for this new
> >master (masters {142.169.1.118;};).
>
>I try to query that server and I don't get a response.  Is it behind a
>firewall?
>
> >I finally killed and restarted all of the named.
> >
> >After this One of my slave named work wonderfully with my new
> >DNS master but the the other receives the "notify" but logs
> >these errors on my namedlog instead of tranfering the zone:
>
>The NOTIFY message is for the 169.142.in-addr.arpa domain, not the
>quebecpub.qc.ca domain that's getting errors.  The NOTIFY message is also
>coming from a different maste: 142.169.1.16.
>
>Could the firewall be blocking UDP port 53 from empress, but
>allowing it from the slave that works?
>
> >Apr 16 00:34:49 empress named[15410]: [ID 295310 local0.info] rcvd
> >NOTIFY(169.142.in-addr.arpa, IN, SOA) from [142.169.1.16].34167
>
> >Apr 16 00:09:50 empress named[15410]: [ID 295310 local0.info] Err/TO
> >getting serial# for "quebecpub.qc.ca"
> >Apr 16 00:19:50 empress named[15410]: [ID 295310 local0.info] Err/TO
> >getting serial# for "quebecpub.qc.ca"
> >Apr 16 00:29:50 empress named[15410]: [ID 295310 local0.info] Err/TO
> >getting serial# for "quebecpub.qc.ca"
> >
> >P.S.: If I add a completely new zone, this slave DNS accept this zone
> >but I can't modify this zone with a new serial!
>
>This sounds like you're allowing TCP through, but not allowing UDP.  The
>initial zone transfer doesn't need to perform an SOA query.
>
>--
>Barry Margolin, barmar at genuity.net
>Genuity, Woburn, MA
>*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
>Please DON'T copy followups to me -- I'll assume it wasn't posted to the=20
>group.

More information about the bind-users mailing list