Allowing zone xfer to slave server

Barry Margolin barmar at alum.mit.edu
Fri Aug 31 00:03:21 UTC 2007 

In article <fb7aa9$10ng$1 at sf1.isc.org>,
 "Ryan McCain" <Ryan.McCain at dss.state.la.us> wrote:

> I do have a NS record for the slave nameserver on the primay nameserver for 
> the zone in question.
> 
> Here is the output from the dig command.  It see's the server but doesn't 
> complete the zone xfer.  Does the output give you any ideas?

The master server is reporting an error trying to access the zone.  
Check the log on the master server when you start up named.

> 
> dss-cs99la49:/var/log # dig @172.20.11.200 dss.la.gov
> 
> ; <<>> DiG 9.3.2 <<>> @172.20.11.200 dss.la.gov
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6260
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;dss.la.gov.                    IN      A
> 
> ;; Query time: 0 msec
> ;; SERVER: 172.20.11.200#53(172.20.11.200)
> ;; WHEN: Thu Aug 30 15:34:53 2007
> ;; MSG SIZE  rcvd: 28
> 
> dss-cs99la49:/var/log #
> 
> .. As for the 'also-notify' option I don't have that set. Is that mandatory?
> 
> Thx
> 
> >>> "Dawn Connelly" <dawn.connelly at gmail.com> 08/30/07 3:00 PM >>>
> Are you able to manually pull the zone file over? So if you do "dig
> @masterserver domain.name axfr" does it work?
> Just out of curiosity, do you have an NS record in the zone file on the
> master server? If you don't have an NS record and you don't have a
> "also-notify" option set, the master server doesn't know how to tell the
> slave server to come get the new data. If you don't have an NS record, add
> it in and I'll betcha that'll fix your problem.
> 
> On 8/30/07, Ryan McCain <Ryan.McCain at dss.state.la.us> wrote:
> >
> > I have 2 DNS servers setup on SLES 10.  Both are at BIND 9.3.2.
> >
> > When I add a dummy A record in one of the zones on the Primary server it
> > doesn't "sync" down to the slave server.
> >
> > Here is a snip of named.conf from the slave server:
> >
> > zone "domainA.com" in {
> >         masters { 172.20.11.200; };
> >         file "slave/domainA.gov";
> >         type slave;
> > };
> >
> >
> > 172.20.11.200 is the IP address of the Primary DNS server.
> >
> > From what I have been able to find via google all I need to do is add this
> > option to the Primary DNS server where 172.20.11.118 is the IP address of
> > the slave server:
> >
> > allow-transfer { 172.20.10.118 } ;
> >
> >
> > ..I have done this but it's not working.  Am I overlooking something?
> >
> > Thx..
> >
> >
> >
> >

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list