servfail only for a zone
Darcy Kevin (FCA)
kevin.darcy at fcagroup.com
Mon Jul 13 18:18:24 UTC 2015
They are a consequence of a slave not being able to perform a refresh from the master for a while. This may be because the zone is removed from the master (but someone overlooked removing it from the slave(s) as well), bad permissions set on the master, a communications error, to name a few. If your EXPIRE is too low, you don’t give yourself enough time to catch and correct those errors.
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Lucio Crusca
Sent: Monday, July 13, 2015 2:15 PM
Subject: Re: servfail only for a zone
Il 13/07/2015 19:51, Darcy Kevin (FCA) ha scritto:
Half an hour is ridiculous, to be honest. Unless you have 24x7x365 eyes-on-glass looking for zone transfer failures constantly and ready and able to instantly pounce on any such problems and fix them within minutes.
You have been persuasive enough, I'm definitely going to raise the expire value, but now the question is: are the SERVFAIL replies a consequence of the low expire value?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users