Secondary.com

Jeremy Doran Jeremy.Doran at nominum.com
Thu Aug 29 17:02:05 UTC 2002


On Thu, 2002-08-29 at 04:24, bind at col7.metta.lk wrote:
> 
> Dear bind members.
> 
> I run RH 6.0, bind 8.3.3 and have setup my server dhamma.metta.lk to be 
> primary for the domains "metta.lk"and "bps.lk"
> 
> primary dns is: dhamma.metta.lk
> secondary dns is "ns1.secondary.com", "ns2.secondary.com"
> my earlier secondary dns was "tradenetsl.lk" (203.115.29.134)
> I have informed www.NIC.lk of the change 
> and the update will likely take a few days to be recognized.
> 
> I have gone to www.secondary.com and set up an account for that server
> to act as secondary for my domain.
> I find that "secondary.com" cannot draw the zone from my server.
> 
> My dns is behind a firewall and I have asked the administrator 
> to open port 53 both in and out. I get confirmation that this is done.
> 
> I suspect a firewall problem as I cannot use www.domtools.com/dlint/ 
> with the present settings in the firewall.
> 
> If I set the firewall to be full open for 203.115.29.130 (metta.lk) 
> then I can use dlint.
> 
> I would much appriciate if one of you could do a dig 
> at my server/firewall to see what you come up with.
> >From inside it all looks OK.

It looks like your firewall is letting UDP requests to port 53 go
through, which is fine for SOA queries. However, it is dropping TCP
requests to port 53, which is what is needed for AXFR. 

If you can get your administrator to open up TCP port 53 for the
secondary.com transfer servers, then it will be able to transfer and
server your domain. 

Hope this helps,
-- 
Jeremy Doran
Consulting Engineer / Nominum.Com / http://www.nominum.com/
jdoran at nominum.com



More information about the bind-users mailing list