zone transfer is slow to dns servers running bind 9.2.4

Fariba, Farhad - PA Farhad.Fariba at gmacrescap.com
Mon Apr 23 21:16:21 UTC 2007 

For whatever reason I had forgotten to add the new addresses to
named.conf file on the master for notification. Not sure how I missed
that but thank you for pointing me in the right direction. What was
throwing me off was that the zone transfers would start immediately
after doing an rndc reload on the master but the transfer of each zone
would be spaced out by anything from a few seconds to a few minutes. The
behavior did not correlate to the refresh timer.
 

Thanks again Dawn!

 

________________________________

From: Dawn Connelly [mailto:dawn.connelly at gmail.com] 
Sent: Monday, April 23, 2007 2:17 PM
To: Fariba, Farhad - PA
Cc: bind-users at isc.org
Subject: Re: zone transfer is slow to dns servers running bind 9.2.4

 

My first thought is do the new servers have different IPs than the ones
you were using before? If so, are they getting the notify packets? It
sounds like they aren't getting notified when there is a change so is
only doing a zone transfer when the slave asks the master if it's serial
number is still good. If don't want to put them in to production yet,
then you probably don't have an NS record in the zone file...if there is
no NS record, you can use a global 'also-notify' option on your master
server. 

On 4/23/07, Fariba, Farhad - PA <Farhad.Fariba at gmacrescap.com> wrote:

Has anyone experienced any performance issues with doing zone transfers
to a dns server running bind 9.2.4?
To address the security vulnerabilities of bind 9.2.2 we have started to
replace our dns servers with new SUN Solaris10 platforms (the old ones 
had to go) running bind 9.2.4. Currently I have 4 servers running bind
9.2.2 (3 secondary and one master), with 3 new secondary servers running
bind 9.2.4. Zone transfers (some 150+) take about a minute or so against

the secondary running 9.2.2 but over an hour against the 3 new servers
running 9.2.4. I don't see any errors in the logs. Ideas on what may be
causing the discrepancy would be appreciated.



Thanks you.

More information about the bind-users mailing list