Unable to transfer IPv4 reverse zone
/dev/rob0
rob0 at gmx.co.uk
Thu Dec 19 19:37:33 UTC 2013
On Thu, Dec 19, 2013 at 07:27:51PM +0000, Daniel Lintott wrote:
> On 19/12/13 18:37, Timothe Litt wrote:
> > I doubt you'll get help without providing configuration data for
> > master and slaves and exact log and error messages.
> >
> > But I'll take one blind guess. DNSSEC validation enabled and
> > your in-addr.arpa zones are not delegated and not in DLV?

I'll offer a guess as well.

> DNSSEC is not currently used on these servers.
>
> The following is logged on the slave:
> Dec 19 17:51:48 server2 named[7866]: transfer of
> '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: connected using
> 192.168.5.2#47108
>
> Dec 19 17:51:48 server2 named[7866]: transfer of
> '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: failed while
> receiving responses: SERVFAIL
>
> Dec 19 17:51:48 server2 named[7866]: transfer of
> '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: Transfer
> completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
>
> Dig returns the following:
> [root@server2 ~]# dig @192.168.5.1 5.168.192.in-addr.arpa AXFR
>
> ; <<>> DiG 9.9.4-P1 <<>> @192.168.5.1 5.168.192.in-addr.arpa AXFR
> ; (1 server found)
> ;; global options: +cmd
> ; Transfer failed.
>
> There are no errors reported on the master server.

How about when the zone loaded initially? I suspect a problem in the
master zone file itself. Try named-checkzone(8) on it.

Can you query SOA and PTR records from the master?

    dig 5.168.192.in-addr.arpa. any @192.168.5.1
    dig 1.5.168.192.in-addr.arpa. any @192.168.5.1

Try this also on the master itself.

Note also, regarding logging, that depending on your syslogd's
configuration you might see errors in a different file than logs of
lower syslog priority.

> Master - named.conf
>
> include "/etc/named.conf.local";
>
> options {
>     directory "/var/named";
>     pid-file "/var/run/named/named.pid";
> };
>
> zone "." {
>     type hint;
>     file "/etc/db.cache";
> };
>
> key rndc-key {
>     algorithm hmac-md5;
>     secret "XXX";
> };
> controls {
>     inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
> };
>
> Configuration of the problem reverse zone:
>
> zone "5.168.192.in-addr.arpa" {
>     type master;
>     file "/var/named/5.168.192.in-addr.arpa.hosts";
>     allow-transfer {
>         192.168.5.2;
>     };
>     allow-update {
>         key rndc-key;
>     };
> };
>
> Slave Zone Configuration:
>
> zone "5.168.192.in-addr.arpa" {
>     type slave;
>     masters {
>         192.168.5.1;
>     };
>     file "/var/named/slaves/192.168.5.rev";
> };
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
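
Added example, not part of the original message or of BIND: a small log triage for the slave side that pulls each failed inbound transfer out of named's log and, for SERVFAIL, points at the master zone-load check suggested in the reply. The function names sample_log and xfer_failures are hypothetical, and the sample input is the thread's three log entries rejoined onto single lines.

```sh
#!/bin/sh
# Added example: list failed inbound zone transfers found in named's log.

# Constructed sample: the slave's three log entries from the thread, each
# joined back onto the single line that syslog writes.
sample_log() {
cat <<'EOF'
Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: connected using 192.168.5.2#47108
Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: failed while receiving responses: SERVFAIL
Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
EOF
}

# Reads log lines on stdin; prints "zone master reason next-step" per failure.
# Splitting on the quote character isolates the zone name as field 2.
xfer_failures() {
  awk -F"'" '
    $1 ~ /transfer of $/ && $3 ~ /: failed / {
      zone = $2
      sub("/[A-Z]+(/[^/]*)?$", "", zone)   # drop "/IN" and an optional "/view"
      n = split($3, part, ": ")            # " from ADDR#PORT", stage, reason
      master = part[1]
      sub(/^ from /, "", master)
      sub(/#[0-9]+$/, "", master)          # drop the port
      reason = part[n]
      step = "-"
      # SERVFAIL with no slave-side error: the reply suspects the master zone file
      if (reason == "SERVFAIL")
        step = "check zone load on master (named-checkzone)"
      print zone, master, reason, step
    }'
}

sample_log | xfer_failures
```

Feed it the real log instead of the sample with `xfer_failures < /path/to/logfile`; which file that is depends on the syslogd configuration, as noted in the reply.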