server unable to resolve local slave zones

[Kevin Darcy]

Matt Edwell wrote:

> Hello, I got a problem with one of our nameservers...hope you can help?
>
> The server in question is running BIND8 on a Sun T1/05. This server is
> just for slave zones, though is configured the same as our other
> authorative dns servers, where either we or our customers are running
> primary.
>
> What I think is going on is this:
>
> when a customers primary server goes off-line, our slave server (which
> holds the last zone transfer from the master) isn't able to resolve the
> requests...and so it coming back with nothing.

That seems unlikely. The whole purpose of being a slave is to have a redundant
copy of a zone which can be served up even when the master is unavailable.

> If I convert the slave zone to a master, voila, the server knows the
> answer and so gives it
>
> Why doesn't the server know to look to the slave zone to resolve?

My guess is that zone transfers are broken and the zone has expired on the
slave. Since it is expired, the slave ignores the data and just acts as a
normal caching server with respect to the zone. That's why it tries to contact
the master when resolving a query for the zone.

When you reconfigure the slave as "master" for the zone, it has no idea that
the zone has expired. It just serves it up -- stale as it may be -- and is
happy. That's why it "works" as master, but not as slave.

I'd compare serial numbers on the master and slave versions of the zone to see
if they are out of sync. If the zone is one which hasn't changed in a while,
make a dummy change and see if the zone transfers occur properly. I'd also
look in the logs for any zone-expiration or failed-zone-transfer messages.


- Kevin