Zone refresh error: refresh: retry limit for master a.b.c.d#53 exceeded

Anand Buddhdev anandb at
Mon Jul 13 19:46:16 UTC 2015

On 13/07/15 21:31, Anand Buddhdev wrote:

> So what could cause these SOA lookup failures in BIND on one server, but
> not another? Could the developers tell me how BIND does SOA queries over
> UDP, and is there any way to mimic this with dig?

Oops. I just noticed Cathy Almond's response to Irwin Tillman, and
recognised the symptom. It turns out that our network guys are blocking
outbound UDP queries with a source port of 2049, and BIND is getting
stuck on this. Now that I know the problem, I know whom to chase for a

Apologies for wasting everyone's time with my rather long post. I should
have read the archives of the list first!


