Testing a master server

Kevin Darcy kcd at daimlerchrysler.com
Wed May 2 01:34:09 UTC 2001


If a nameserver is configured as master for a zone and answers non-authoritatively for it, then chances are it's because the
zone failed to load properly, which is probably the result of some sort of syntax error. Check your logs on the master at
load/reload time.


- Kevin

vancleef at best.com wrote:

> How can you trick a server into thinking it is authoritative?  (Bind 9.1.1)
>
> Bringing up a set of test servers, before I touch the real ones, has been
> plagued with "not authoritative" errors.
>
> The slaves don't want to update and the master is just plain fussy.
> (the master has two IP numbers 192.86.6.2 and 192.86.7.2)
>
> I have registered the test server with NS as master for one domain,
> atbroad.com, but the slaves are all non-registered as they are
> internal systems.
>
> All the slaves see are:
>
> May 01 15:43:34.272 zone_timer: zone atbroad.com/IN: enter
> May 01 15:43:34.272 zone_maintenance: zone atbroad.com/IN: enter
> May 01 15:43:34.272 queue_soa_query: zone atbroad.com/IN: enter
> May 01 15:43:34.272 soa_query: zone atbroad.com/IN: enter
> May 01 15:43:34.279 refresh_callback: zone atbroad.com/IN: enter
> May 01 15:43:34.279 refresh_callback: zone atbroad.com/IN:
> non-authorative answer from 192.86.7.2#53
>
> ----------------------------------------------------------------
>
> [root at ns1 named.d]# dig @localhost soa atbroad.com
>
> ; <<>> DiG 9.1.1 <<>> @localhost soa atbroad.com
> ;; global options:  printcmd
> ;; connection timed out; no servers could be reached
> [root at ns1 named.d]#
>
> ----------------------------------------------------------------
> The server is running -d 2 - looking at named.run shows...
>
> May 01 15:55:36.005 createfetch: atbroad.com. SOA
> May 01 15:55:36.008 createfetch: . NS
> May 01 15:56:00.074 createfetch: www.atbroad.com. A
> May 01 15:56:04.108 lame server on 'www.atbroad.com'
> (in 'atbroad.com'?): 192.86.6.2#53
>
> ----------------------------------------------------------------
> Wait a minute or so and....
>
> [root at ns1 named.d]# dig @localhost soa atbroad.com
>
> ; <<>> DiG 9.1.1 <<>> @localhost soa atbroad.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 669
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;atbroad.com.                   IN      SOA
>
> ;; ANSWER SECTION:
> atbroad.com.            86323   IN      SOA     ns1.microunity.com. root.microunity.com. 2001042000 10800 1800 604800 86400
>
> ;; AUTHORITY SECTION:
> atbroad.com.            86323   IN      NS      ns1.microunity.com.
>
> ;; ADDITIONAL SECTION:
> ns1.microunity.com.     86400   IN      A       192.86.6.2
>
> ;; Query time: 25 msec
> ;; SERVER: 127.0.0.1#53(localhost)
> ;; WHEN: Tue May  1 15:56:54 2001
> ;; MSG SIZE  rcvd: 115
>
> ----------------------------------------------------------------
>
> But if you try an AXFR
>
> [root at ns1 named.d]# dig @localhost axfr atbroad.com
>
> ; <<>> DiG 9.1.1 <<>> @localhost axfr atbroad.com
> ;; global options:  printcmd
> ; Transfer failed.
> [root at ns1 named.d]#
>
> May 01 15:59:45.205 client 127.0.0.1#1024: bad zone transfer request: non-authoritative zone (NOTAUTH)
>
> ----------------------------------------------------------------
>
> named.conf
>
> zone "atbroad.com" {
>         type master;
>         file "OTHER_DOMAINS/atbroad.com";
>         allow-query {
>                 any;
>         };
>         allow-transfer {
>                 localhost;
>                 "microunity-xfer";
>         };
> };
>
> [microunity-xfer is not the issue as the error is always NOTAUTH]
>
> OTHER_DOMAINS/atbroad.com
>
> $TTL 86400
> @       IN      SOA     maia.microunity.com.  root.microunity.com. (
>         2001050108      ; serial yyyymmddrr (rr = revision, start with 00)
>         10800           ; Refresh after 3 hours
>         1800            ; Retry after 30 min
>         604800          ; Expire 43200 = 12 Hours (604800 - 1 week)
>         86400)          ; Minimum TTL of 1 day
>
> ; domain servers
> ;       IN      NS      metis1.microunity.com.
>         IN      NS      ns1.microunity.com.
>         IN      NS      maia.microunity.com.
>
>
>         IN      MX 50 metis1.microunity.com.
>
> www     CNAME   www.microunity.com.
>
> --
> ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>
> Bob Van Cleef                                           vancleef at garg.com
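
The check suggested in the reply, as an added example that is not part of the original thread: it reads saved dig output, tests for the aa flag, and compares the returned SOA with the MNAME and serial in the posted zone file. The function name and both sample strings are constructed for illustration; the first sample copies the header and answer lines of the second dig run above.

```python
import re

# Constructed sample: header and answer lines as in the second dig run quoted above.
CACHED = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 669
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; ANSWER SECTION:
atbroad.com.  86323  IN  SOA  ns1.microunity.com. root.microunity.com. 2001042000 10800 1800 604800 86400
"""

# Constructed sample: what a master that loaded the posted zone file would return.
LOADED = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 670
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; ANSWER SECTION:
atbroad.com.  86400  IN  SOA  maia.microunity.com. root.microunity.com. 2001050108 10800 1800 604800 86400
"""

# owner, TTL, class, type, MNAME, RNAME, serial
SOA_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+SOA\s+(\S+)\s+\S+\s+(\d+)", re.M)

def check_master(dig_text, zone, file_mname, file_serial):
    """Return reasons to believe `zone` is not being served from the loaded zone file."""
    header = re.search(r"^;; flags:([^;]*);", dig_text, re.M)
    if header is None:
        return ["no response header (timeout or failed transfer)"]
    findings = []
    if "aa" not in header.group(1).split():
        findings.append("aa flag missing: answer is not authoritative")
    soa = next((m for m in SOA_RE.finditer(dig_text)
                if m.group(1).lower() == zone.lower()), None)
    if soa is None:
        return findings + ["no SOA for zone in answer"]
    if soa.group(2).lower() != file_mname.lower():
        findings.append("MNAME %s is not the zone file's %s" % (soa.group(2), file_mname))
    if int(soa.group(3)) != file_serial:
        findings.append("serial %s is not the zone file's %d" % (soa.group(3), file_serial))
    return findings

if __name__ == "__main__":
    for name, text in (("cached", CACHED), ("loaded", LOADED)):
        print(name, check_master(text, "atbroad.com.", "maia.microunity.com.", 2001050108))
```
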
