refresh: non-authoritative answer from master

Mark Andrews Mark_Andrews at
Tue Jul 10 23:17:41 UTC 2007

> Hello-
> I am getting the following when attempting to do reverse-ip zone transfers:
> Jul 10 10:01:18 dns3 named[4402]: zone 1.10.IN-ADDR-ARPA/IN/internal: refres
> h: non-authoritative answer from master nnn.nnn.nn.nn#53 (source
> Jul 10 10:01:40 dns3 named[4402]: zone nn.nnn.nnn.IN-ADDR-ARPA/IN/internal:
> refresh: non-authoritative answer from master nnn.nnn.nn.nn#53 (source
> )
> My configuration has dns1 and dns2 in a DMZ.  These 2 servers transfer my
> reverse zone with no problems.  But, my 3rd server, dns3, is behind a
> firewall to serve the internal network, and can only transfer the forward
> zones, not the reverse zones.
> The reverse zones are both real IP-zones, and rfc1918 zones (10.1, 10.2,
> etc.).  I placed NS records in the reverse zone files on the master server
> (dns1), thinking maybe the master (dns1) did not think that the slave (dns3)
> was authoritative.
> I thought maybe it was a delagation problem, but what about the 10.x zones?
> The slave dns2 has no problems transfering these zones from the master dns1.
> The config files between the slaves are pretty much the same.
> thanks,
> mike

	The message means "aa" was not set in the response to the
	SOA query.

	The usual causes are

	1.  the zone is not loaded on the master.
	2.  you have the wrong IP address in the masters clause.
	3.  there is a "transparent" DNS cache intercepting the SOA

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at

More information about the bind-users mailing list