dig 9.9.[234] unable to do zone transfers from MS windows Domain Controllers

cypher Nix ciphernix at gmail.com
Thu Nov 21 02:46:40 UTC 2013


I'm using dig to perform health checks on DNS servers. I've recently
noticed that I'm unable to complete a full zone transfer from a Windows
DC when using a version of dig 9.9.2 or newer (I haven't tried older
revisions of dig 9.9.x). Dig starts to pull the records from the Microsoft
Windows DC but fails around the same SRV record with a message ";; Got
bad packet: extra input data". I had the SRV record re-created but
this did not solve the issue. There are over 40,000 records on this
zone.

I can perform full zone transfers from the Windows DC if I use older
versions of dig. I've tested with 9.3.6 and 9.7.0 and they all worked
fine. I only seem to be having an issue with dig 9.9.x and the Windows
DC controllers. I can transfer the same zone from Unix and Linux based
BIND servers without any issues.

BIND 9.9.x is able to perform zone transfers from the Windows DC
without any issue. Performing a named-checkzone against the zone file
with BIND 9.9.4 and BIND 9.9.2 returns no errors. It looks like the
issue is just with dig 9.9.2 and 9.9.4 (possibly other versions of dig
9.9).

Has anyone run into a similar issue? Any help would be greatly appreciated.

Thank you.


More information about the bind-users mailing list