Resolution of names from another server not propagating

Mon May 23 23:03:16 UTC 2005

Basically your problem boils down to: your slave is returning SERVFAIL 
for any queries in a given zone. The most common cause is that 
replication from the master is broken (or never worked). Check your logs 
for successful or unsuccessful zone transfers from master to slave. If 
zone transfers aren't working, check ACLs (both in the master 
nameserver, in any firewalls between master and slave, etc.) or network 
connectivity issues. Another possibility is that "zone-statistics yes" 
is a syntax error so the slave zone definition is being rejected 
_in_toto_ (you didn't say what version of BIND you're running, so I 
can't tell whether it's valid syntax or not). That too should have shown 
up as an error in your logs.

                                                - Kevin

P.S. Why call your slave zone file "stub.ite.MAIHAG.com"? It's a slave 
zone, not a stub zone...

tsreyb at yahoo.com wrote:

>I'm not sure of the proper terminology, so my description of this
>problem may be off-base a bit. I'll try my best :)
>
>I have two name servers, A and B. Nameserver B is the master for a
>particular zone (subset of A's zone) and is supposed to feed its
>results to nameserver A. The domain of A is 'MAIHAG.com' and the domain
>for which B is a master is 'ite.MAIHAG.com'.
>
>Computers pointing to B as their primary DNS server are able to
>successfully resolve all hostnames within that zone.
>
>However, computers using A as a nameserver are not able to resolve
>anything from B's zone. Why?
>
>
>
>  NOTE: A's own IP is 192.168.254.251
>
>  NOTE: B's own IP is 10.1.245.251
>
>
>
>The relevant zone section from A's named.conf pointing to B is:
>
>zone "ite.MAIHAG.com" {
>        type slave;
>        file "stub.ite.MAIHAG.com";
>        masters { 10.1.245.251; };
>        zone-statistics yes;
>};
>
>
>
>And the entire named.conf from B is:
>
>options {
>        directory "/var/named";
>        forwarders{
>                192.168.254.251;
>        };
>};
>zone "." {
>        type hint;
>        file "named.ca";
>};
>zone "ite.MAIHAG.com"{
>        type master;
>        file "db.ite.MAIHAG.com";
>        notify yes;
>        allow-transfer { 10.99.10.20; 10.99.10.21; 192.168.254.251; };
>};
>zone "qaMAIHAG.com"{
>        type master;
>        file "db.qaMAIHAG.com";
>};
>zone "0.0.127.in-addr.arpa"{
>        type master;
>        file "named.local";
>};
>zone "1.10.in-addr.arpa"{
>        type master;
>        file "db.10.1";
>        notify yes;
>};
>zone "2.10.in-addr.arpa"{
>        type master;
>        file "db.10.2";
>};
>zone "1.222.in-addr.arpa"{
>        type master;
>        file "db.222.1";
>};
>zone "4.10.in-addr.arpa"{
>        type master;
>        file "db.10.4";
>};
>
>
>
>
>
>
>Now, using nslookup with debug enabled and pointing to server A, I get
>the following result:
>
>  
>
>>set debug
>>scmbag.ite.MAIHAG.com
>>    
>>
>Server:  turtle.eng.MAIHAG.com
>Address:  192.168.254.251
>
>;; res_mkquery(0, scmbag.ite.MAIHAG.com, 1, 1)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 45136, rcode = SERVFAIL
>        header flags:  response, want recursion, recursion avail.
>        questions = 1,  answers = 0,  authority records = 0,
>additional = 0
>
>    QUESTIONS:
>        scmbag.ite.MAIHAG.com, type = A, class = IN
>
>------------
>;; res_mkquery(0, scmbag.ite.MAIHAG.com.eng.MAIHAG.com, 1, 1)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 45137, rcode = NXDOMAIN
>        header flags:  response, auth. answer, want recursion,
>recursion avail.
>        questions = 1,  answers = 0,  authority records = 1,
>additional = 0
>
>    QUESTIONS:
>        scmbag.ite.MAIHAG.com.eng.MAIHAG.com, type = A, class = IN
>    AUTHORITY RECORDS:
>    ->  eng.MAIHAG.com
>        ttl = 86400 (1D)
>        origin = turtle.eng.MAIHAG.com
>        mail addr = maihag.eng.MAIHAG.com
>        serial = 2005051359
>        refresh = 10800 (3H)
>        retry   = 3600 (1H)
>        expire  = 604800 (1W)
>        minimum ttl = 86400 (1D)
>
>------------
>;; res_mkquery(0, scmbag.ite.MAIHAG.com.MAIHAG.com, 1, 1)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 45138, rcode = NXDOMAIN
>        header flags:  response, auth. answer, want recursion,
>recursion avail.
>        questions = 1,  answers = 0,  authority records = 1,
>additional = 0
>
>    QUESTIONS:
>        scmbag.ite.MAIHAG.com.MAIHAG.com, type = A, class = IN
>    AUTHORITY RECORDS:
>    ->  MAIHAG.com
>        ttl = 3600 (1H)
>        origin = hqdc01.MAIHAG.com
>        mail addr = dns.MAIHAG.com
>        serial = 2821265003
>        refresh = 3600 (1H)
>        retry   = 600 (10M)
>        expire  = 86400 (1D)
>        minimum ttl = 3600 (1H)
>
>------------
>;; res_mkquery(0, scmbag.ite.MAIHAG.com.ite.MAIHAG.com, 1, 1)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 45139, rcode = SERVFAIL
>        header flags:  response, want recursion, recursion avail.
>        questions = 1,  answers = 0,  authority records = 0,
>additional = 0
>
>    QUESTIONS:
>        scmbag.ite.MAIHAG.com.ite.MAIHAG.com, type = A, class = IN
>
>------------
>*** turtle.eng.MAIHAG.com can't find scmbag.ite.MAIHAG.com: Server
>failed
>
>
>
>
>Thanks,
>-Bob
> Andover, MA
>
>
>
>
>
>  
>