AW: Problems with Zone transfers

Fernando Costa de Almeida falmeida at
Thu Dec 9 15:17:21 UTC 2004

I also noticed something very strange...

When I change some data in the master, and notifies are sent to the
slaves, the transfer occurs without problems.

named[45256]: zone transferred serial 2002061216
named[45256]: transfer of '' from end of 

The problem occurs only when the REFRESH time expires and the slaves 
automatically try to refresh the zone.

The other strange behaviour is that the slaves are trying to transfer 
the zones even though they are not newer than the version they have.

Is that normal?

Below is an excerpt of a zone configuration:

$TTL 3600
@               IN      SOA (
                         2002062390      ; Serial
                         3600            ; Refresh
                         901             ; Retry
                         604800          ; Expiration
                         3600 )          ; Minimum

                 IN      NS ns1
                 IN      NS ns2
                 IN      NS ns3

                 IN      MX 10 mcl01mx

@                   IN  A
admin               IN  A


Thanks in advance,

Walkenhorst, Benjamin wrote:
> Hello,
> From your description I don't see what is causing your problem,
> and it is unlike anything I have experienced.
> However, there are some things you can start looking at; these are rather
> generic, though:
> - Was there any change on the machines when the problem started occurring?
>   Like, an upgrade to the operating system, anything?
> - Are these machines dedicated DNS-servers or do they run other services, too?
>   If so, your machines might be overloaded or something like that
> - When a zone transfer is aborted due to a timeout, incomplete zone files named tmp-XXXXXXXXX
>   should show up in your namedb-directory. You can inspect these to see if transfers are
>   failing at a specific point.
> - BIND allows you to configure the timeout value for zone transfers. If nothing else helps,
>   you can try increasing these. Similarly, you can also set a timeout value for idle connections
>   (i.e. if a zone transfer is going on and no data is transmitted for <n> seconds, the master
>   aborts the connection).
> - Just in case, you might want to explicitly enable "transfer-format many-answers;". In my experience
>   this can greatly speed up zone transfers.
> - I suggest you do some thorough debugging, e.g. if the server is hitting its limit in TCP connections?
>   When the answer to a request does not fit into a single UDP-packet, the client will re-query the server
>   using a TCP-connection. (Although I think this would produce a different error message.)
>   Do zone-transfers begin to fail altogether after some time, or do they just fail increasingly often?
>   In the latter case, you can e.g. increase the rate at which the slaves will retry to transfer the
>   zone.
> Kind regards,
> Benjamin

ALMEIDA, Fernando Costa de
Computeasy Informática
ICQ 72293951
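
Added example, not part of the original message and not BIND's own code: the check a secondary makes when the REFRESH timer expires, following RFC 1034 zone maintenance and RFC 1982 serial arithmetic. The function names are hypothetical; the timer values and serials come from the message above, and pairing the two serials as local and master is constructed for illustration.

```python
# Added example: the decision a secondary makes when REFRESH expires
# (RFC 1034 zone maintenance, RFC 1982 serial arithmetic). Not BIND source code.

HALF = 1 << 31          # half of the 32-bit serial space
MOD = 1 << 32

# Timer values from the SOA record in the message above.
REFRESH, RETRY, EXPIRE = 3600, 901, 604800


def serial_compare(a, b):
    """Return -1 if a < b, 0 if equal, 1 if a > b; None when undefined."""
    a, b = a % MOD, b % MOD
    if a == b:
        return 0
    forward = (b - a) % MOD      # distance from a up to b, with wraparound
    if forward == HALF:
        return None              # RFC 1982: comparison is undefined
    return -1 if forward < HALF else 1


def refresh_action(local_serial, master_serial):
    """Action after the master answered the SOA query."""
    order = serial_compare(local_serial, master_serial)
    if order is None:
        return "undefined"
    return "transfer" if order < 0 else "keep"


def next_poll(seconds_since_valid, soa_query_ok):
    """Return (zone_state, wait_seconds); wait is None once the data has expired."""
    if soa_query_ok:
        return ("serving", REFRESH)      # timers restart from zero
    if seconds_since_valid >= EXPIRE:
        return ("expired", None)         # zone data is no longer valid
    return ("serving", RETRY)


if __name__ == "__main__":
    # Constructed pairing: serial from the log line vs. serial in the zone file.
    cases = [(2002061216, 2002062390), (2002062390, 2002062390),
             (2002062390, 2002061216), (4294967295, 0)]
    for local, master in cases:
        print(local, master, refresh_action(local, master))
    print(next_poll(7200, False), next_poll(EXPIRE, False))
```

A master whose serial moves backwards yields "keep", so secondaries go on serving the older data until the serial is raised past theirs.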
