Zone Transfer Problem
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Wed Feb 14 21:38:46 UTC 2001
Set "transfer-format one-answer;".
Mark
P.S. If your has not upgraded I would say you need a new ISP.
>
> Hello,
>
> we use bind Version 8.2.2 as master dns and a version 4.something as slave dn
> s.
>
> The version 4.something is our ISP's nameserver and we cannot update it.
>
> Due to the exploits, I switched our Bind from V8.2.2 to V9.1.
>
> But since that change the V4.something cannot transfer zones anymore.
>
> If I use nslookup to let me display the zones, it also does not work from
> the machine running Bind 4.x:
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
> # nslookup
> Default Server: ns.necon.net
> Address: 62.24.1.13
>
> > set type=any
> > server dns.intrex-systems.com
> Default Server: dns.intrex-systems.com
> Address: 62.153.86.163
>
> > ls shadowportal.net.
> [dns.intrex-systems.com]
> *** Can't list domain shadowportal.net.: Unspecified error
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
>
> But I found something about dig and how i can try to
> check if our DNS will transfer the zone correctly, and it does:
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
> # dig @dns.intrex-systems.com shadowportal.net. soa +aa +norec
>
> ; <<>> DiG 2.1 <<>> @dns.intrex-systems.com shadowportal.net. soa +aa +norec
> ; (1 server found)
> ;; res options: init aaonly(unimpl) defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
> ;; flags: qr aa ra; Ques: 1, Ans: 1, Auth: 2, Addit: 2
> ;; QUESTIONS:
> ;; shadowportal.net, type = SOA, class = IN
>
> ;; ANSWERS:
> shadowportal.net. 86400 SOA shadowportal.net.
> hostmaster.intrex-systems.com. (
> 2820942822 ; serial
> 14400 ; refresh (4 hours)
> 7200 ; retry (2 hours)
> 604800 ; expire (7 days)
> 86400 ) ; minimum (1 day)
>
> ;; AUTHORITY RECORDS:
> shadowportal.net. 86400 NS ns.net-con.net.
> shadowportal.net. 86400 NS dns.intrex-systems.com.
>
> ;; ADDITIONAL RECORDS:
> ns.net-con.net. 76290 A 195.38.129.1
> dns.intrex-systems.com. 86400 A 62.153.86.163
>
> ;; Total query time: 177 msec
> ;; FROM: bhagira.net-con.net to SERVER: dns.intrex-systems.com 62.153.86.163
> ;; WHEN: Wed Feb 14 15:16:34 2001
> ;; MSG SIZE sent: 34 rcvd: 174
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
>
> I also set the logging of our server to 9, and also found no errors:
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
> Feb 14 15:14:12.699 security: debug 3: client 195.38.129.13#53: request is
> not signed
> Feb 14 15:14:12.699 security: debug 3: client 195.38.129.13#53: recursion
> approved
> Feb 14 15:14:12.700 security: debug 3: client 195.38.129.13#53: query approve
> d
> Feb 14 15:14:12.908 security: debug 3: client 195.38.129.13#3775: request
> is not signed
> Feb 14 15:14:12.909 security: debug 3: client 195.38.129.13#3775: recursion
> approved
> Feb 14 15:14:12.910 security: debug 3: client 195.38.129.13#3775: query
> approved
> Feb 14 15:14:13.011 security: debug 3: client 195.38.129.13#3775: request
> is not signed
> Feb 14 15:14:13.011 security: debug 3: client 195.38.129.13#3775: recursion
> approved
> Feb 14 15:14:13.014 security: debug 3: client 195.38.129.13#3775: zone
> transfer approved
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
> Feb 14 15:11:52.556 xfer-out: debug 6: client 195.38.129.13#3767: AXFR reques
> t
> Feb 14 15:11:52.557 xfer-out: debug 6: client 195.38.129.13#3767: transfer
> of 'shadowportal.net': AXFR question section OK
> Feb 14 15:11:52.557 xfer-out: debug 6: client 195.38.129.13#3767: transfer
> of 'shadowportal.net': AXFR authority section OK
> Feb 14 15:11:52.563 xfer-out: debug 8:
> shadowportal.net. 86400 IN SOA shadowportal.net.
> hostmaster.intrex-systems.com. 2820942822 14400 7200 604800 86400
> Feb 14 15:11:52.563 xfer-out: debug 8:
> shadowportal.net. 86400 IN NS ns.net-con.net.
> Feb 14 15:11:52.564 xfer-out: debug 8:
> shadowportal.net. 86400 IN NS dns.intrex-systems.com.
> Feb 14 15:11:52.564 xfer-out: debug 8:
> shadowportal.net. 86400 IN MX 10 mail.intrex-systems.com.
> Feb 14 15:11:52.565 xfer-out: debug 8:
> dns.shadowportal.net. 86400 IN A 62.153.86.163
> Feb 14 15:11:52.565 xfer-out: debug 8: localhost.shadowportal.net. 86400
> IN A 127.0.0.1
> Feb 14 15:11:52.566 xfer-out: debug 8:
> mail.shadowportal.net. 86400 IN A 62.153.86.163
> Feb 14 15:11:52.566 xfer-out: debug 8: nameserver.shadowportal.net. 86400
> IN CNAME leviathan.intrex-systems.com.
> Feb 14 15:11:52.567 xfer-out: debug 8: tweety.shadowportal.net.
> 86400 IN A 62.153.86.164
> Feb 14 15:11:52.567 xfer-out: debug 8:
> www.shadowportal.net. 86400 IN A 195.38.129.156
> Feb 14 15:11:52.568 xfer-out: debug 8:
> shadowportal.net. 86400 IN SOA shadowportal.net.
> hostmaster.intrex-systems.com. 2820942822 14400 7200 604800 86400
> Feb 14 15:11:52.569 xfer-out: debug 8: client 195.38.129.13#3767: transfer
> of 'shadowportal.net': sending TCP message of 344 bytes
> Feb 14 15:11:52.570 xfer-out: debug 6: client 195.38.129.13#3767: transfer
> of 'shadowportal.net': end of transfer
> -----------------------------------------------------------------------------
> ---------------------------------------------------------------------------
>
> Can anybody help?
>
> Yours,
> Dirk Schulten
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list