"Duplicate Zone Found" Error

Kevin Darcy kcd at daimlerchrysler.com
Fri Mar 4 22:53:32 UTC 2005 

Bulls, Steven R Mr SAIC wrote:

>>Greetings...
>>
>>	I've hunted far and wide for an answer to this question and have
>>yet to get one...
>>
>>	I have several /24 subnets that I have delegated and I have
>>begun to get 'duplicate zone found' errors when resolving the hosts at
>>places like dnsstuff_dot_com.  Here is an example of the configuration
>>that is in the db file for the zone...
>>
>>$ORIGIN 1.214.in-addr.arpa.
>>.
>>
>>123             IN      NS      hasdmz03.ha.osd.mil.    
>>                  IN      NS      densedns01.ha.osd.mil.
>>
>>206             IN      NS      hasdmz03.ha.osd.mil.    
>>                  IN      NS      densedns01.ha.osd.mil.
>>
>>	The 2 NS records are the delegated zones' name servers.  The
>>error ONLY shows up if one of my servers redirects the query to one of
>>these servers.  If my machines respond directly, the error is not
>>there.  The problem is that sometimes resolving for the hosts on the
>>subnets simply doesn't work which does not allow the querying machine
>>to get access to the hosts (web sites).  FWIW, I am running bind 9.2.3
>>on Solaris 8.  Also, this configuration has been in place for quite a
>>while and just recently (mid-February) has the error reared its ugly
>>head.  It all seems to coincide with an update of the DNS servers from
>>bind 9.2.1 to 9.2.3... (the first of February).   =?
>>
>>	Any clues??
>>
There is no such thing as "redirecting" zones from one set of servers to 
another. Either a server is authoritative for a zone or it is not. 
www.dnsreport.com highlights very clearly that the NS1.MED.OSD.MIL and 
NS2.MED.OSD.MIL servers are "lame" for the 123.1.214.in-addr.arpa zone. 
By "lame" it is meant that they are delegated the zone but are not 
responding authoritatively for it. Those servers should either be 
reconfigured as authoritative (master/slave) for the zone, or the 
delegations should be changed to point to authoritative servers for the 
zone.

"Duplicate zone found" appears to be a cryptic way for the 
www.dnsstuff.com reverse-lookup tool to report a lame delegation error.

                                                                         
                                             - Kevin

More information about the bind-users mailing list