BIND NT 8.2.3 Large Zone Transfers Failing

Sam Norris sam at changeip.com
Tue Jul 3 22:54:32 UTC 2001


Hello,

We have been running a public dynamic DNS service for about 1 year now for users on the internet.  (www.ChangeIP.com)  Our configuration consists of a primary running on MS DNS and 2 secondaries running on BIND for NT (8.2.3 and 8.2.4).  I believe that there is a bug in the named-xfer.exe application on BIND for NT.  We have thousands of zones running on these machines, mostly around 1-5k each.  We do have domain names that we've purchased and allowed users to have free subdomains off of - these zone files have thousands of records.  These zone files are about 150-200k each.

We would like to migrate away from MS DNS and use BIND for all machines, although over this past week we've run into a major problem with zone transfers.

Actually BIND NT 8.2.4 hogs 100% of CPU across all NAMED-XFER processes... Not sure why, I went back to 8.2.3 and it works somewhat decently.

Details on problem:
domain/zone:  wha.la
master:  209.68.208.21
secondaries:  209.68.208.20 & 64.50.47.227

Zone transfers from the MS DNS primary work perfectly.  Zone transfers from a BIND NT system are failing on these larger zone files (150-200k).  Below are some examples:

<<<<< NSLOOKUP results from MS DNS >>>>>
> ls wha.la > output.txt
[ns2.changeip.com]
########
Received 4599 records.    <--------- This is correct, entire zone can be listed via LS command.

<<<<< NSLOOKUP results from BIND NT 8.2.x >>>>>
> ls wha.la > output.txt
[40322fe3.ptr.dia.nextlink.net]
########################### *** invalid name, terminating transfer.

Received 1403 records.    <--------- PROBLEM - NOT ENTIRE ZONE TRANSFERRED... WHY?
*** Can't list domain wha.la: Unspecified error

Now if I run that last command over and over (hitting up arrow and enter over and over to repeat last command) as fast as I can, sometimes I will get a successful transfer.  Usually I will get at least 1 out of 100 that do transfer without error.  This doesn't make sense.  If I can get 1 successful transfer then that means there is nothing wrong with the zone file syntactically... :)

Here is the output of the LS command without piping it to a file...  (Tail end of file - after 1000s of records were output)
 www.helga                      A      172.176.109.220
 xoarph                         A      63.59.214.108
 mail.xoarph                    A      63.59.214.220
 www.xoarph                     A      63.59.214.108
 *** invalid name, terminating transfer.
*** Can't list domain wha.la: Unspecified error

And it seems to stop in the same spot each time it fails - I've checked all records and nothing is weird about them.  (Zone can be transferred from 209.68.208.21 to see entire zone file)

Anyone else running into this problem?  Only with large zone transfers?

Thanks,
Sam Norris



