thousands of "no SOA found for zone", randomly dropped zones

W Sanders bind at wsanders.net
Fri Aug 8 21:07:50 UTC 2003


Hello,

We have a largish set of BIND servers running 8.3.3
under FreeBSD 4.1.1. We have about 40000 zones, and
about 15000 of our zones are hosted virtual domains
for which
we use a single zone file on the master, with "@"
notation in the records, ie. "zone "wsanders.net" {
type master; file "common-zone"; };" in named.conf and
in the common-zone file, "@ IN SOA, @ IN NS ,etc". We
do an "ndc reload" every hour to pull the zones down.
We do not keep zone files on the slave.

The problem is with every ndc reload we get thousands
of  "no SOA found for zone" errors, and most but not
all of the zones don't show up on the slave. The error
doesn't seem to have any correlation as to whether the
zone shows up on the slave - name more zones are not
on the slave than there are errors for. The zone data
on the master  is fine, i.e. named-xfers work OK, and
an "ndc reload <zone>" pulls the zone over just  fine,
and it's visible on the slave, until the next hourly
"ndc reload", then it's gone again.

I've increased the limit on FD's to 32768 - no help.

The dumped data for a missing zone looks weird:

; wsanders.net (type 2, class 1, source
NsTmp90702.42005)
;       time=1060375923, lastupdate=1060374322,
serial=0,
;       refresh=600, retry=600, expire=604800,
minimum=3600
;       ftime=1060374322, xaddrcnt=1, state=28240,
pid=0
;       z_addr[1]: [209.25.140.101]

After an ndc reload it's fine:

; wsanders.net (type 2, class 1, source
NsTmp90682.10166)
;       time=1060384398, lastupdate=1060374322,
serial=2002091601,
;       refresh=10800, retry=3600, expire=604800,
minimum=3600
;       ftime=1060374322, xaddrcnt=1, state=28241,
pid=0
;       z_addr[1]: [209.25.140.101]

Looking at the first dump, I have no idea
why the serial number is getting set to zero, or why
an ndc reload for a specific zone would succeed where
an "ndc reload" would not.

The ps of the named-xfer that successfully loads the
zone when I do a "ndc reload wsanders.net" looks like:

/named-xfer -z wsanders.net -f NsTmp90702.42005 -C 1
-P 13568 209.25.140.101

Any idea what the apparently undocumented "-C" and
"-P" args do?

Has anybody else seen the  "no SOA found for zone"
errors occur in large numbers for  otherwise good
zones?

Thanks in advance,

-W Sanders
 Lafayette CA
 http://www.wsanders.net


 




More information about the bind-users mailing list