refresh timeouts

CFlath at border-states.com CFlath at border-states.com
Mon Apr 17 19:42:46 UTC 2006


Hello all,
I hope everyone is well.  I have been out of the BIND scene for a few 
years and have just recently got back into it, and so this is my first 
real experience with 9.  Things have gone fairly smoothly.. except for the 
refresh timeouts I have been getting.  I have looked through the archives 
and google searched for days and I just cannot find an answer to this 
problem.
I continue to receive the following refresh error for all my zones:
Apr 10 22:05:12.629 general: info: zone foo.bar.com/IN: refresh: failure 
trying master v.v.v.v#53: timed out

Initial zone transfers have no issues at all. 
If I do an rndc refresh foo.bar.com it works just fine as well.
I added serial-query-rate 5; to my options, but it did not seem to have an 
effect.
dig +norec foo.bar.com soa @ v.v.v.v works just fine.

I had another admin take a look at things and he could not find the issue 
either. I am sure it's probably something I am doing wrong with BIND 9, 
but I sure can't find what. Any help would be greatly appreciated. I have 
included my named.confs and a zone example below.


MASTER named.conf:
# Global options for the master server.
options {
        # Working directory; relative file names in the zone statements
        # below are resolved against it.
        directory "/var/named";
        # Together with "forward only" further down, recursive lookups are
        # handed to these forwarders and the server does not iterate itself.
        forwarders { x.x.x.x; y.y.y.y; };
        # Replaces the string returned for version.bind queries. This hides
        # the banner only; it is not a substitute for keeping BIND patched.
        version "1.0 - really!";
        # Zone transfers are limited by source address alone. An address
        # ACL can be spoofed or inherited by whoever holds that address;
        # a TSIG key on the transfer gives real authentication.
        allow-transfer { z.z.z.z; };
        # Recursion is offered to every client that can reach this server.
        # NOTE(review): with allow-query also commented out, this looks like
        # an open resolver if the host is reachable from untrusted networks;
        # restrict recursion to the networks that actually need it.
        allow-recursion {any; };
        forward only;
#       listen-on port 53 { 127.0.0.1; };
#       listen-on-v6 { any; };
        # Pins the source port of outgoing queries to 53. A fixed,
        # predictable source port makes spoofed answers easier to land;
        # leave the port unset unless a firewall rule truly requires it.
        query-source address * port 53;
        # Source address/port for inbound transfers and for the UDP SOA
        # refresh queries a slave sends. No slave zone is shown in this
        # file, so it presumably has no effect on this server.
        transfer-source * port 53;
        # Source address/port for outgoing NOTIFY messages.
        notify-source * port 53;
#       allow-query { 127.0.0.1; };
        # Send NOTIFY when a master zone changes.
        notify yes;
};
######################################################
# Logging for the master: every category listed below is routed to the
# single file channel "debug"; only "queries" is left commented out.
logging {
  channel debug {
  # NOTE(review): /tmp is normally world-writable. A log file there is
  # exposed to symlink tricks and to reading or tampering by local users;
  # a dedicated directory writable only by the named account is safer.
  file "/tmp/bindlog.log" versions 2 size 50m;
  # "dynamic" makes the channel follow the server's current debug level.
  severity dynamic;
  print-time yes;
  print-category yes;
  print-severity yes;
  };
  category "default" { "debug"; };
  category "general" { "debug"; };
  category "database" { "debug"; };
  category "security" { "debug"; };
  category "config" { "debug"; };
  category "resolver" { "debug"; };
  category "xfer-in" { "debug"; };
  category "xfer-out" { "debug"; };
  category "notify" { "debug"; };
  category "client" { "debug"; };
  category "unmatched" { "debug"; };
  category "network" { "debug"; };
  category "update" { "debug"; };
#  category "queries" { "debug"; };
  category "dispatch" { "debug"; };
  category "dnssec" { "debug"; };
  category "lame-servers" { "debug"; };
};
######################################################
# Local housekeeping zones: the server is master for "localhost" and for
# the loopback reverse zone, and loads root server hints for ".".
zone "localhost" in {
        type master;
        file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
};

# Hint zone: root.hint supplies the root name server list.
zone "." in {
        type hint;
        file "root.hint";
};

# You can insert further zone records for your own domains below.

# rndc control channel. No port is given, so the default control port
# (953) applies. The listener is bound to 127.0.0.1 only.
# NOTE(review): a listener bound to loopback should only ever see loopback
# peers, so the v.v.v.v entry in the allow list presumably has no effect;
# keep the allow list to 127.0.0.1 unless remote control is intended.
controls {
        inet 127.0.0.1 allow {127.0.0.1; v.v.v.v; } keys {rndc_key;};
};

# Shared secret that authenticates rndc commands.
# NOTE(review): the secret shown looks like a placeholder. A real secret
# should be random base64 material (rndc-confgen generates one), kept in a
# file readable only by the named account, and never posted publicly.
# Newer BIND releases support HMAC-SHA2 algorithms such as hmac-sha256,
# which are preferred over hmac-md5.
key "rndc_key" {
        algorithm hmac-md5;
        secret "FredFlintstone";
};
# Master copy of the example zone, loaded from foo.bar.com.zone.
zone "foo.bar.com" in {
        type master;
        file "foo.bar.com.zone";
        # Repeats the global allow-transfer list. The check is by source
        # address only; no TSIG key is required for the transfer.
        allow-transfer {
             z.z.z.z;
        };
};


SLAVE named.conf:
# Global options for the slave server.
# NOTE(review): there is no allow-transfer statement here. BIND releases of
# this era presumably default to allowing transfers to any host, so this
# slave may hand out its zones to anyone who asks. TODO confirm for the
# version in use and add an explicit allow-transfer.
options {

        directory "/var/named";
        # With "forward only", recursive lookups go to these forwarders only.
        forwarders { x.x.x.x; y.y.y.y; };
        # Recursion is offered to every client that can reach this server;
        # restrict it to the networks that actually need it.
        allow-recursion { any; };
        forward only;
#       listen-on port 53 { 127.0.0.1; };
#       listen-on-v6 { any; };
        # Pins the source port of outgoing queries to 53. A fixed,
        # predictable source port makes spoofed answers easier to land.
        query-source address * port 53;
        # Governs the source address and UDP port of the SOA refresh
        # queries this slave sends to its masters.
        # NOTE(review): pinning them to port 53, the port named itself
        # listens on, is one thing to rule out for the reported
        # "refresh: failure ... timed out" messages. To test, drop the
        # "port 53" clause and watch the next scheduled refresh.
        transfer-source * port 53;
        # Source address/port for outgoing NOTIFY messages; with
        # "notify no" below this server sends none.
        notify-source * port 53;
        #allow-query { 127.0.0.1; };
        notify no;
};
#############################################################
# Logging for the slave: every category listed below is routed to the file
# channel "debug", which is defined at the end of this statement.
logging {
  category "default" { "debug"; };
  category "general" { "debug"; };
  category "database" { "debug"; };
  category "security" { "debug"; };
  category "config" { "debug"; };
  category "resolver" { "debug"; };
  category "xfer-in" { "debug"; };
  category "xfer-out" { "debug"; };
  category "notify" { "debug"; };
  category "client" { "debug"; };
  category "unmatched" { "debug"; };
  category "network" { "debug"; };
  category "update" { "debug"; };
#  category "queries" { "debug"; };
  category "dispatch" { "debug"; };
  category "dnssec" { "debug"; };
  category "lame-servers" { "debug"; };
  # Unlike the master's channel, no severity is set here, so the channel
  # uses the default severity (info) and debug-level messages are dropped.
  # Adding "severity dynamic;" would let it capture the refresh exchange.
  channel "debug" {
    # NOTE(review): /tmp is normally world-writable. A log file there is
    # exposed to symlink tricks and to reading or tampering by local
    # users; prefer a directory writable only by the named account.
    file "/tmp/bindlog.log" versions 2 size 50m;
    print-time yes;
    print-category yes;
    print-severity yes;
  };
};
#########################################################
# Local housekeeping zones, the same set as on the master: "localhost",
# the loopback reverse zone, and root server hints for ".".
zone "localhost" in {
        type master;
        file "localhost.zone";
};


zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
};

# Hint zone: root.hint supplies the root name server list.
zone "." in {
        type hint;
        file "root.hint";
};

#You can insert further zone records for your own domains below.
# Shared secret that authenticates rndc commands on the slave. The key is
# named "rndc-key" here, while the master's file calls its key "rndc_key".
# NOTE(review): the secret shown looks like a placeholder. A real secret
# should be random base64 material (rndc-confgen generates one), kept in a
# file readable only by the named account, and never posted publicly.
# Newer BIND releases support HMAC-SHA2 algorithms such as hmac-sha256,
# which are preferred over hmac-md5.
key "rndc-key" {
      algorithm hmac-md5;
      secret "FredFlintstone";
};

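# rndc control channel on the slave: listens on 127.0.0.1 port 953 and
# requires the "rndc-key" key. The key name had been split across two
# lines by mail wrapping; it is rejoined here so the statement parses.
# NOTE(review): a listener bound to loopback should only ever see loopback
# peers, so the v.v.v.v and z.z.z.z entries presumably have no effect;
# keep the allow list to 127.0.0.1 unless remote control is intended.
controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; v.v.v.v; z.z.z.z;} keys { "rndc-key"; };
};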

# Slave copy of the example zone, transferred from the master at v.v.v.v
# and stored locally in foo.bar.com.zone.
zone "foo.bar.com" in {
        type slave;
        file "foo.bar.com.zone";
        # No key is attached to the master entry, so the SOA refresh
        # queries and transfers are not TSIG-signed; the slave trusts
        # whatever answers from this address. Pairing a TSIG key with the
        # master would authenticate the transfer.
        masters { v.v.v.v; };
};

ZONE FILE:

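$TTL 3600       ; 1 hour
; SOA record for the zone apex. The contact mailbox had been split across
; two lines by mail wrapping; it is rejoined here so the record parses.
@                               IN SOA  ns3.foo.bar.com. admin.border-states.com. (
                                2006031000 ; serial
                                900        ; refresh (15 minutes): how often a slave polls the master's SOA
                                600        ; retry (10 minutes): wait after a failed refresh
                                86400      ; expire (1 day): a slave that cannot refresh for this long stops serving the zone
                                3600       ; minimum (1 hour)
                                )
; Name servers listed for the zone.
                        NS      ns3.foo.bar.com.
                        NS      ns4.border-states.com.

www                     A       q.q.q.q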


Corey Flath
Server Administrator
Border States Electric


