DNS Slave server CANNOT get zone files from Master Server

Kevin Darcy kcd at daimlerchrysler.com
Thu Oct 7 21:32:27 UTC 2004


"non-authoritative answer from master" usually means that the zone 
didn't load properly on the master server. Look at your logs to see why, 
or run named-checkzone.

- Kevin

Patrick Chiang wrote:

>Hi everybody,
>
>I think my question is probably a FAQ, but I still can't find an answer
>from the Internet. Hope someone can give me some hints to fix my
>problems.
>
>I have a master DNS Server working properly, which connects to the internet
>directly. Recently I set up a Slave DNS server "behind" a simple firewall
>(actually it's a wireless router D-Link DI-524 with NAT), I've set up a
>mapping to my internal Slave DNS Server, 192.168.0.254.
>
>I was wondering should I open some firewall ports to help them do "Zone
>Transfer" ? I've opened TCP/UDP 53 everywhere (Master/Slave DNS Server
>with iptables, wireless router TCP/UDP 53) and I expected there would
>be a zone file appear in /var/named/chroot/var/named/slave - I was told
>that this was a good sign that master server had successfully transferred
>zone file(s) to slave server. Am I correct ?
>
>Below is my settings. Hopefully anyone in the list can help me find out
>the errors. Thanks in advance :)
>
>-----------  Environment ----------------------
>Master&Slave are Fedora Core 2,BIND 9.2.3-13
>
>-----------  Cfg filez ------------------------
>Master DNS (ip address: 55.66.77.88)
>-----------------------------------------------
>/var/named/chroot/etc/named.conf
>-----------------------------------------------
>options {
>   directory "/var/named";
>   statistics-file "/var/run/named/named.stats";
>};
>----<snip>---
>zone "foo.org" IN{
>        type master;
>        file "foo.org.domain";
>        zone-statistics yes;
>        notify yes;
>        also-notify { 11.22.33.44; };
>};
>
>-----------------------------------------------
>Slave (ip address: 11.22.33.44)
>-----------------------------------------------
>/var/named/chroot/etc/named.conf (Copy from master's)
>-----------------------------------------------
><snip>
>zone "foo.org" IN{
>        type slave;
>        file "slave/foo.org.domain.bak";
>        masters { 55.66.77.88; };
>        zone-statistics yes;
>};
>
>-------------------------------------------------
>O U T P U T (on slave DNS server)
>-------------------------------------------------
># rndc reload
>named[25483]: zone foo.org/IN: refresh: non-authoritative answer from
>master 55.66.77.88#53
>
>ps.
>/var/named/chroot/var/named/slaves is "drwxrwx---", owned by named:named
>
>
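
The log line quoted above refers to the AA (authoritative answer) bit in the master's reply to the SOA query a slave sends when it refreshes a zone. As an added example (not part of the original thread or of BIND), this Python code builds such a query and classifies a reply from its header; the function names and the sample replies are constructed for illustration.

```python
import socket
import struct

QR, AA, TC = 0x8000, 0x0400, 0x0200   # DNS header flag bits (RFC 1035)
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_soa_query(zone, qid=0x1234):
    """Wire-format SOA/IN query with RD clear (no recursion requested)."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in zone.rstrip(".").split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", 6, 1)   # QTYPE=SOA, QCLASS=IN

def classify(reply, qid=0x1234):
    """Classify a reply to the SOA query using only its header fields."""
    if len(reply) < 12:
        return "malformed"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid or not flags & QR:
        return "not-our-reply"
    rcode = flags & 0x000F
    if rcode:
        return "rcode:" + RCODES.get(rcode, str(rcode))
    if flags & TC:
        return "truncated"
    # AA clear is the condition the slave reports as "non-authoritative answer".
    return "authoritative" if flags & AA else "non-authoritative"

def check_master(master, zone, timeout=3.0):
    """Send the query to the master over UDP port 53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(zone), (master, 53))
        return classify(s.recvfrom(4096)[0])

def constructed_reply(zone, flags):
    """Constructed sample: the query echoed back with the given header flags."""
    q = build_soa_query(zone)
    return q[:2] + struct.pack("!H", flags) + q[4:]

if __name__ == "__main__":
    # Offline demonstration on constructed replies for the zone in the thread.
    for flags in (QR | AA, QR, QR | 2):
        print(hex(flags), classify(constructed_reply("foo.org", flags)))
```

Running `check_master("55.66.77.88", "foo.org")` from the slave would apply the same check to the live master named in the thread.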



