AXFR partially timed out

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Oct 12 10:19:24 UTC 2010


> > >I have a very strange problem with AXFR. We are using a master and a
> > >secondary DNS Server with an internal and an external view. Depending
> > >on the source address the secondary server will get the internal or
> > >external view for zone transfer.
> > >
> > >Everything is working correct so far except only one specific zone file
> > >won't get transferred. In the external view there are about 70 zones
> > >defined. Every zone will get transferred except one and only one won't.
> > >Therefor there can't be a problem with the firewall.
> > >
> > >Then I scaled down the seconday DNS server to just about 2 zones and
> > >again: this specific zone file won't get transfered even the master
> > >said "AXFR started" and "AXFR ended" for this particular zone. On
> > >the secondary server I'll get "giving up: timed out".
> 
> > Is the problem zone larger than the ones that are not a problem?  If so 
> > it may be a MTU problem, or even a firewall that does things differently 
> > based on packet sizes.

On 11.10.10 23:11, Beat Jucker wrote:
> Indeed the trouble zone is about double the size of other zones. 
> Both DNS servers are Solaris boxes and comunicate by plain TCP (no VPN).
> How can I check for MTU problem and how can I influence it?
> 
> When I ask for the zone by dig utility everything is ok but not
> when the zone get requested by named ... head scraping ...

well, try in the following order:

dig +notcp

dig +tcp

dig +notcp +bufsize=1480

dig +notcp +bufsize=1500

dig +notcp +bufsize=4096

that may tell you something...

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's (A)dvertising (M)ethod



More information about the bind-users mailing list