I have been having some long-standing issues with my secondary provider that I would like to learn how to solve, and who needs to look to solve the errors. When I make an update, it seems hit or miss as to how long before I see it hit the secondary.

Apparently they have a server at xx.xx.0.26 that pulls the slave data, even though I list the secondary NS as xx.xx.0.18. xx.xx.0.18 seems to be a slave of xx.xx.0.26.

My master has:
options {
        directory "/var/named";
        allow-transfer {  xx.xx.0.26; };
        transfer-source  xx.xx.37.14;
        also-notify {  xx.xx.0.26; };
};

* I redacted some lines, but those are the ones I believe to be important.

They sent me some lines from their logs, which I will make comments on in-between. I am pretty sure there is nothing for me to do on my end, and this is for them to solve, but wanted to confirm...

NS0 is  xx.xx.0.26, which is where I send my notifications to.

Computer:       NS0
Description:
zone myfriendssite.com/IN: refresh: unexpected rcode (REFUSED) from
master xx.xx.37.14#53 (source 0.0.0.0#0)

I do not understand this one, why would source be 0.0.0.0? This looks like my machine, .14 is refusing their refresh request. Do I need to allow-recursion for their NS0?

At any rate, I no longer have zones for this domain on the primary, the domain owner has asked to terminate hosting. I asked the secondary to remove this from their slave. I assume this, and the below errors, especially the NOTAUTH are telling me exactly that, that there is simply no data for this zone, and they need to remove the slave files?

Computer:       NS0
Description:
zonemyfriendssite.com/IN: Transfer started.

Computer:       NS0
Description:
transfer of 'myfriendssite.com/IN' from xx.xx.37.14#53: connected using
 xx.xx.0.26#4012

Computer:       NS0
Description:
transfer of 'myfriendssite.com/IN' from xx.xx.37.14#53: failed while
receiving responses: NOTAUTH

-- end of logs for myfriendssite.com

Computer:       NS0
Description:
zone someone-else.com/IN: refused notify from non-master:
 xx.xx.37.6#56516

This is a valid domain, current records, should be working fine. Is the refusal because they are asking xx.xx.37.6? Yes, this IP is on the same machine, but that IP is used for http, and not DNS. So in this case, my transfer source is xx.xx.37.14, and they hit xx.xx.37.6, which named is not listening on, and get the above error?

Those are the only two they gave me, but the general problem is, I can update a zone, change the serial, issue rndc reload, and see my logs show a notify sent their way. It can then take anywhere from a few minutes, to hours, to sometimes days to get the change to hit the secondary.

As far as you can see, is there anything on my end that I should look into? If I send a notify, see it in the logs, and do not see errors with it, and further, in a while, someone like OpenDNS picks up on it, would it be safe to assume my setup is good, and they need to look into their end?

Thanks
--
Scott * If you contact me off list replace talklists@ with scott@ *
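
An added triage sketch, not part of the original post and not BIND's own code: it classifies the three secondary-side log messages quoted above and compares the address a NOTIFY arrived from with the master address the secondary expects. The `MASTER` value, the function name and the wording of the findings are assumptions; `notify-source` and `allow-notify` are standard named.conf options.

```python
import re

# Assumption: the address the secondary has configured as the zone's master
# (redacted form, as in the post).
MASTER = "xx.xx.37.14"

# Log lines from the post, rejoined; the first keeps its mail line-wrap.
SAMPLE = [
    "zone someone-else.com/IN: refused notify from non-master:\n xx.xx.37.6#56516",
    "zone myfriendssite.com/IN: refresh: unexpected rcode (REFUSED) from "
    "master xx.xx.37.14#53 (source 0.0.0.0#0)",
    "transfer of 'myfriendssite.com/IN' from xx.xx.37.14#53: failed while "
    "receiving responses: NOTAUTH",
]

ADDR = r"(?P<src>[\w.:]+)#\d+"  # address#port; also accepts the redacted xx.xx form
PATTERNS = [
    ("notify", re.compile(
        r"zone (?P<zone>\S+)/IN: refused notify from non-master: " + ADDR)),
    ("refresh", re.compile(
        r"zone (?P<zone>\S+)/IN: refresh: unexpected rcode \((?P<rcode>\w+)\) "
        r"from master " + ADDR)),
    ("xfer", re.compile(
        r"transfer of '(?P<zone>\S+)/IN' from " + ADDR +
        r": failed while receiving responses: (?P<rcode>\w+)")),
]

def triage(line, master=MASTER):
    """Return (zone, finding) for a recognised secondary log line, else None."""
    line = " ".join(line.split())  # undo line-wrapping from the mail client
    for kind, rx in PATTERNS:
        m = rx.search(line)
        if not m:
            continue
        zone, src = m["zone"], m["src"]
        if kind == "notify":
            if src != master:
                return zone, (f"NOTIFY came from {src}, secondary expects {master}: "
                              "set notify-source on the primary or allow-notify on the secondary")
            return zone, "NOTIFY from the expected address refused: check the secondary's masters list"
        if kind == "refresh" and m["rcode"] == "REFUSED":
            return zone, f"{src} refused the SOA refresh query: zone not served there or an ACL blocks the secondary"
        if kind == "xfer" and m["rcode"] == "NOTAUTH":
            return zone, f"{src} is not authoritative for the zone: remove the slave zone or restore it on the primary"
        return zone, f"unclassified {kind} failure ({m['rcode']})"
    return None
```

Running `triage` over each entry in `SAMPLE` separates the source-address mismatch on someone-else.com from the two messages caused by the zone no longer existing on the primary.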
