Problems setting up additional slave server
kcd at daimlerchrysler.com
Fri Mar 4 22:14:11 UTC 2005
Christopher.Lee at uboc.com wrote:
>I am thinking there maybe a config setting or firewall rule causing this
>problem but I can't figure it out. I am trying to setup a 3rd domain
>server at a different location for backup. I have configured the name
>server the exact same as my other slave server but no transfers are
>In the logs I see these errors:
>Mar 03 15:11:39.357 xfer-in: error: transfer of 'spiralweb.com/IN' from
>188.8.131.52#53: failed to connect: host unreachable
>Mar 03 15:11:39.357 xfer-in: info: transfer of 'spiralweb.com/IN' from
>184.108.40.206#53: end of transfer
>Wierd thing is I can do a dig on info from the primary server but a dig for
>axfr fails, see below:
>home:/var/log/named# dig @ns1.spiralweb.com spiralweb.com ANY
>; <<>> DiG 9.2.1 <<>> @ns1.spiralweb.com spiralweb.com ANY
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17872
>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 4
>;; QUESTION SECTION:
>;spiralweb.com. IN ANY
>;; ANSWER SECTION:
>spiralweb.com. 3600 IN A 220.127.116.11
>spiralweb.com. 3600 IN SOA NS1.spiralweb.com.
>DNSADMIN.spiralweb.com. 2004101804 3600 900 604800 3600
>spiralweb.com. 3600 IN NS NS1.spiralweb.com.
>spiralweb.com. 3600 IN NS NS2.spiralweb.com.
>spiralweb.com. 3600 IN NS NS3.spiralweb.com.
>spiralweb.com. 3600 IN MX 5 MAIL.spiralweb.com.
>;; ADDITIONAL SECTION:
>NS1.spiralweb.com. 3600 IN A 18.104.22.168
>NS2.spiralweb.com. 3600 IN A 22.214.171.124
>NS3.spiralweb.com. 3600 IN A 126.96.36.199
>MAIL.spiralweb.com. 3600 IN A 188.8.131.52
>;; Query time: 31 msec
>;; SERVER: 184.108.40.206#53(ns1.spiralweb.com)
>;; WHEN: Fri Mar 4 11:08:32 2005
>;; MSG SIZE rcvd: 231
>home:/var/log/named# dig @ns1.spiralweb.com spiralweb.com AXFR
>;; Connection to 220.127.116.11#53(ns1.spiralweb.com) for spiralweb.com
>failed: host unreachable.
>Can some one give me some hints on where to start looking. Does AXFR use
>tcp instead of UDP and maybe blocked by firewall?
You can test this conjecture by issuing a non-AXFR query with dig's +vc
More information about the bind-users