refresh failure despite ability to do AXFR and IXFR via command line (was Re: refresh times out from Win DNS)
Mark Jeftovic
mark at jeftovic.net
Mon Jul 19 23:35:30 UTC 2004
This didn't seem to help in one other case we've found.
On Sun, 18 Jul 2004, Vinny Abello wrote:
>
> In named.conf:
>
> server 1.2.3.4 {
> edns no;
> };
>
This other case I have access to the master, it is running 8.4.1-REL via
some "hsphere" system I'm unfamiliar with.
But the symptoms are the same, I can do an AXFR from the command line
using host or dig and I can see it arrive in the logs on the master:
Jul 19 18:16:34 cp named[2695]: approved AXFR from [192.168.40.250].47650
for "example.com"
Jul 19 18:16:34 cp named[2695]: zone transfer (AXFR) of "example.com" (IN)
to [192.168.40.250].47650 serial 2004071202
But when I do it via the slave with "rndc reload example.com", I just
get this error in the logs immediately on the slave side (bind9.2.3):
Jul 19 19:23:57 ds2 named[1879]: zone example.com/IN: refresh: failure
trying master 24.227.181.110#53: timed out
happens a bunch of times and then
Jul 19 19:27:43 ds2 named[1879]: zone example.com/IN: refresh: retry limit
for master 24.227.181.110#53 exceeded
So on the face of it it seems as if the nameserver gets stuck on
*something* and the request doesn't even make it to the master.
(Like I said previously, this slave has about 80K zones on it, so it is
not a system wide problem, and as I try this there are 0 xfers running and
9 soa queries in progress)
Everything else works, i.e. AXFR and IXFR can both be obtained using host
or dig.
We're seeing this more often these days, we thought it was only Windows
DNS masters but as I said, this one is bind8.
-mark
--
mark jeftovic
More information about the bind-users
mailing list