Problems setting up additional slave server

Kevin Darcy kcd at daimlerchrysler.com
Fri Mar 4 22:14:11 UTC 2005 

Christopher.Lee at uboc.com wrote:

>Hello,
>
>I am thinking there maybe a config setting or firewall rule causing this
>problem but I can't figure it out.  I am trying to setup a 3rd domain
>server at a different location for backup.  I have configured the name
>server the exact same as my other slave server but no transfers are
>happening.
>
>In the logs I see these errors:
>
>Mar 03 15:11:39.357 xfer-in: error: transfer of 'spiralweb.com/IN' from
>66.237.31.102#53: failed to connect: host unreachable
>Mar 03 15:11:39.357 xfer-in: info: transfer of 'spiralweb.com/IN' from
>66.237.31.102#53: end of transfer
>
>Wierd thing is I can do a dig on info from the primary server but a dig for
>axfr fails, see below:
>
>home:/var/log/named# dig @ns1.spiralweb.com spiralweb.com ANY
>
>; <<>> DiG 9.2.1 <<>> @ns1.spiralweb.com spiralweb.com ANY
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17872
>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 4
>
>;; QUESTION SECTION:
>;spiralweb.com.                 IN      ANY
>
>;; ANSWER SECTION:
>spiralweb.com.          3600    IN      A       66.237.31.116
>spiralweb.com.          3600    IN      SOA     NS1.spiralweb.com.
>DNSADMIN.spiralweb.com. 2004101804 3600 900 604800 3600
>spiralweb.com.          3600    IN      NS      NS1.spiralweb.com.
>spiralweb.com.          3600    IN      NS      NS2.spiralweb.com.
>spiralweb.com.          3600    IN      NS      NS3.spiralweb.com.
>spiralweb.com.          3600    IN      MX      5 MAIL.spiralweb.com.
>
>;; ADDITIONAL SECTION:
>NS1.spiralweb.com.      3600    IN      A       66.237.31.102
>NS2.spiralweb.com.      3600    IN      A       66.237.31.108
>NS3.spiralweb.com.      3600    IN      A       66.15.79.65
>MAIL.spiralweb.com.     3600    IN      A       66.237.31.109
>
>;; Query time: 31 msec
>;; SERVER: 66.237.31.102#53(ns1.spiralweb.com)
>;; WHEN: Fri Mar  4 11:08:32 2005
>;; MSG SIZE  rcvd: 231
>
>home:/var/log/named# dig @ns1.spiralweb.com spiralweb.com AXFR
>;; Connection to 66.237.31.102#53(ns1.spiralweb.com) for spiralweb.com
>failed: host unreachable.
>
>Can some one give me some hints on where to start looking.  Does AXFR use
>tcp instead of UDP and maybe blocked by firewall?
>
Bingo.

You can test this conjecture by issuing a non-AXFR query with dig's +vc 
option.

- Kevin

More information about the bind-users mailing list