<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">Hi,<o:p></o:p></p>
<p class="MsoNormal">I’m setting up an ISC BIND 9.11.20-RedHat-9.11.20-5 on a CentOS 8.3.2011 server and I’m running into a problem transferring a domain from our primary to this new secondary. The primary is a Windows Server 2012R2 system. I have 300+ domains
set up and most of them are working just fine, and I can see the data for them in /var/named/secondary/&lt;zone&gt; files.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">But my main domain isn’t transferring; I keep getting the following:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">May 11 20:06:42 foo-dns-p03 named[71418]: zone foo.com/IN: Transfer started.<o:p></o:p></p>
<p class="MsoNormal">May 11 20:06:42 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from xxx.xxx.xxx.xxx#53: connected using yyy.yyy.yyy.yyy#39861<o:p></o:p></p>
<p class="MsoNormal">May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from xxx.xxx.xxx.xxx#53: failed while receiving responses: bad bitmap<o:p></o:p></p>
<p class="MsoNormal">May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from xxx.xxx.xxx.xxx#53: Transfer status: bad bitmap<o:p></o:p></p>
<p class="MsoNormal">May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from xxx.xxx.xxx.xxx#53: Transfer completed: 19 messages, 2518 records, 309684 bytes, 0.355 secs (872349 bytes/sec)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Which really implies to me that we have some issues on the source Windows DNS server, but it’s not easy to find. Is there any way I can relax named to access this domain transfer, even with a bad bitmap? Or is there a good way to bump
up the logging so I can find out which record(s) are causing the problem so I can maybe fix them on the source?
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">None of my googling has given me any hints on what this error could be. My config looks like this:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">options {<o:p></o:p></p>
<p class="MsoNormal"> listen-on port 53 { any; };<o:p></o:p></p>
<p class="MsoNormal"> listen-on-v6 port 53 { ::1; };<o:p></o:p></p>
<p class="MsoNormal"> directory "/var/named";<o:p></o:p></p>
<p class="MsoNormal"> dump-file "/var/named/data/cache_dump.db";<o:p></o:p></p>
<p class="MsoNormal"> statistics-file "/var/named/data/named_stats.txt";<o:p></o:p></p>
<p class="MsoNormal"> memstatistics-file "/var/named/data/named_mem_stats.txt";<o:p></o:p></p>
<p class="MsoNormal"> allow-query { any; };<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> recursion no;<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> rrset-order { order random; };<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> dnssec-enable False;<o:p></o:p></p>
<p class="MsoNormal"> dnssec-validation False;<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> /* Path to ISC DLV key */<o:p></o:p></p>
<p class="MsoNormal"> bindkeys-file "/etc/named.iscdlv.key";<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> managed-keys-directory "/var/named/dynamic";<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> pid-file "/run/named/named.pid";<o:p></o:p></p>
<p class="MsoNormal"> session-keyfile "/run/named/session.key";<o:p></o:p></p>
<p class="MsoNormal">};<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">logging {<o:p></o:p></p>
<p class="MsoNormal"> channel default_debug {<o:p></o:p></p>
<p class="MsoNormal"> file "data/named.run";<o:p></o:p></p>
<p class="MsoNormal"> severity dynamic;<o:p></o:p></p>
<p class="MsoNormal"> print-time yes;<o:p></o:p></p>
<p class="MsoNormal"> };<o:p></o:p></p>
<p class="MsoNormal">};<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">zone "foo.com" IN {<o:p></o:p></p>
<p class="MsoNormal"> type slave;<o:p></o:p></p>
<p class="MsoNormal"> masters { xxx.xxx.xxx.xxx; } ;<o:p></o:p></p>
<p class="MsoNormal">};<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
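<p class="MsoNormal">Added example, not part of the original message and not ISC or Red Hat code: with 300+ secondary zones, a small triage script over the named syslog lines shown above can list every zone whose last inbound transfer did not end cleanly. The log format is taken from the lines quoted in the post; the "Transfer status: success" wording, the bar.com zone and the 192.0.2.1 address are constructed assumptions. The script keys on the "Transfer status" line because, as the post's log shows, "Transfer completed" with message and record counts is printed even when the transfer failed.</p>
<pre>
```python
import re

# Constructed sample. The foo.com lines follow the format quoted in the post;
# the bar.com lines are a constructed successful transfer for contrast, and
# 192.0.2.1 is a documentation address standing in for the primary.
SAMPLE_LOG = """\
May 11 20:06:42 foo-dns-p03 named[71418]: zone foo.com/IN: Transfer started.
May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from 192.0.2.1#53: failed while receiving responses: bad bitmap
May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from 192.0.2.1#53: Transfer status: bad bitmap
May 11 20:06:43 foo-dns-p03 named[71418]: transfer of 'foo.com/IN' from 192.0.2.1#53: Transfer completed: 19 messages, 2518 records, 309684 bytes, 0.355 secs (872349 bytes/sec)
May 11 20:06:44 foo-dns-p03 named[71418]: transfer of 'bar.com/IN' from 192.0.2.1#53: Transfer status: success
May 11 20:06:44 foo-dns-p03 named[71418]: transfer of 'bar.com/IN' from 192.0.2.1#53: Transfer completed: 1 messages, 12 records, 640 bytes, 0.001 secs (640000 bytes/sec)
"""

# "transfer of 'ZONE/CLASS' from PRIMARY#PORT: MESSAGE"
XFER = re.compile(r"named\[\d+\]: transfer of '([^']+)' from (\S+?)#\d+: (.*)$")
STATUS = re.compile(r"Transfer status: (.+)$")
COUNTS = re.compile(r"Transfer completed: (\d+) messages, (\d+) records")


def summarize(log_text):
    """Map each zone to its primary, last transfer status and last record count."""
    zones = {}
    for line in log_text.splitlines():
        found = XFER.search(line)
        if not found:
            continue  # not an inbound-transfer line
        zone, primary, message = found.groups()
        entry = zones.setdefault(
            zone, {"primary": primary, "status": None, "records": None})
        status = STATUS.match(message)
        counts = COUNTS.match(message)
        if status:
            entry["status"] = status.group(1).strip()
        elif counts:
            # Counts are logged on failure too, so they never imply success.
            entry["records"] = int(counts.group(2))
    return zones


def failed_zones(log_text):
    """Zones whose last logged transfer status is anything other than success."""
    return {zone: entry for zone, entry in summarize(log_text).items()
            if entry["status"] not in (None, "success")}


if __name__ == "__main__":
    for zone, entry in sorted(failed_zones(SAMPLE_LOG).items()):
        print(zone, entry["primary"], entry["status"], entry["records"])
```
</pre>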
</div>
</body>
</html>