thousands of "no SOA found for zone", randomly dropped zones

W Sanders kf6iiu at sbcglobal.net
Fri Aug 8 21:01:03 UTC 2003


Hello,

We have a largish set of BIND servers running 8.3.3
under FreeBSD 4.1.1. We have about 40000 zones, and
lots of our zones are hosted virtual domains for which
we use the name zone file on the master, with "@"
notation, ie. "zone "wsanders.net" { type master; file
"common-zone"; };" and in the common-zone file, "@ IN
SOA, @ IN NS ,etc". We do an "ndc reload" every hour
to pull the zones down. We do not keep zone files on
the slave.

The problem is with every ndc reload we get thousands
of  "no SOA found for zone" errors, and most but not
all of the zones don't show up on the slave. The error
doesn't seem to have any correlation as to whether the
zone shows up on the slave - name more zones are not
on the slave than there are errors for. The zone data
on the master  is fine, i.e. named-xfers work OK, and
an "ndc reload <zone>" pulls the zone over just  fine,
and it's visible on the slave, until the next hourly
"ndc reload", then it's gone again.

I've increased the limit on FD's to 32768 - no help.

The dumped data for a missing zone looks weird:

; wsanders.net (type 2, class 1, source
NsTmp90702.42005)
;       time=1060375923, lastupdate=1060374322,
serial=0,
;       refresh=600, retry=600, expire=604800,
minimum=3600
;       ftime=1060374322, xaddrcnt=1, state=28240,
pid=0
;       z_addr[1]: [209.25.140.101]

After an ndc reload it's fine:

; wsanders.net (type 2, class 1, source
NsTmp90682.10166)
;       time=1060384398, lastupdate=1060374322,
serial=2002091601,
;       refresh=10800, retry=3600, expire=604800,
minimum=3600
;       ftime=1060374322, xaddrcnt=1, state=28241,
pid=0
;       z_addr[1]: [209.25.140.101]

Assuming the first zone data is good, I have no idea
why the serial number is getting set to zero, or why
an ndc reload for a specific zone would success where
an "ndc reload" would randomly drop zones.

The ps of the named-xfer that successfully loads the
zone when I do a "ndc reload wsanders.net" looks like:

/named-xfer -z wsanders.net -f NsTmp90702.42005 -C 1
-P 13568 209.25.140.101

Any idea what the apparently undoucmented "-C" and
"-P" args do?

Has anybody else seen the  "no SOA found for zone"
errors occur in large numbers for  otherwise good
zones?

Thanks in advance,

-W Sanders
 Lafayette CA
 http://www.wsanders.net


 



More information about the bind-users mailing list