Windows 2000 AS and Solaris9/Bind 9.2.2.

Barry Margolin barmar at alum.mit.edu
Wed Jan 28 05:23:13 UTC 2004 

In article <bv6s8l$g30$1 at sf1.isc.org>, Dog <user at example.net> wrote:

> HISTORY:
> Windows 2000AS running as primary authoritative name server for 
> abcefg.org. <ns1.abcefg.org>
> 
> Solaris 9 / BIND9.2.2 running as a slave authoritative name server for 
> abcefg.org
> <ns2.abcefg.org>
> 
> ***********************************************************************
> Changes are made to the zone file abcefg.org on the Windows 2000AS name 
> server ns1.abcefg.org such as zone TTL changing from 3600 to 600.
> 
> #dig @ns1.abcefg.org -t axfr abcefg.org
> returns all records with a TTL of 600.
> ; <<>> DiG 9.2.2 <<>> @ns1.abcefg.com -t axfr abcefg.org
> ;; global options:  printcmd
> abcefg.org.           600     IN      SOA     ns2.abcefg.org. 
> admin.abcefg.org. 363 900 600 86400 600
> abcefg.org.           600     IN      A       172.27.96.136
> abcefg.org.           600     IN      NS      ns2.abcefg.org.
> abcefg.org.           600     IN      NS      ns1.abcefg.org.
> abcefg.com.           600     IN      MX      10 mail.abcefg.com.
> host1.abcefg.org.  600     IN      A       172.27.96.160
> host2.abcefg.org.  600     IN      A       172.27.96.160
> host3.abcefg.org.     600     IN      A       172.27.96.202
> *********************************************************************
> 
> Changes are NOT fully replicated to the zone file on the slave name 
> server ns2.abcefg.org.
> 
> #dig @ns2.abcefg.org -t axfr abcefg.org
> returns some records with a TTL of 3600 and some with TTL of 600.
> ; <<>> DiG 9.2.2 <<>> @ns2.abcefg.org -t axfr abcefg.org
> ;; global options:  printcmd
> abcefg.org.           600     IN      SOA     ns2.abcefg.org. 
> admin.abcefg.org. 363 900 600 86400 600
> abcefg.org.           3600    IN      MX      10 mail.abcefg.org.
> abcefg.org.           600     IN      NS      ns1.sbcidc.org.
> abcefg.org.           600     IN      NS      ns2.abcefg.org.
> abcefg.org.           3600    IN      A       172.27.96.136
> host1.abcefg.org.  3600    IN      A       172.27.96.160
> host2.abcefg.org.  3600    IN      A       172.27.96.160
> host3.abcefg.org.     3600    IN      A       172.27.96.202
> 
> *********************************************************************
> #ls -la on /var/named/abcefg.org on the Solaris box show that indeed 
> some type of zone transfer has occured on the slave.
> 
> logs on the slave show that an IXFR started.
> 
> 
> Question: Why in the world would only a partial zone update occur.

Looks to me like a bug in the Windows 2000 DNS server.  When an IXFR is 
done, the master determines which records have changed and need to be 
sent to the slave.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA

More information about the bind-users mailing list