Zone transfer failing
Scott Haneda
talklists at newgeo.com
Tue Jun 23 22:16:03 UTC 2009
On Jun 23, 2009, at 3:01 PM, Hauke Lampe wrote:
> Scott Haneda wrote:
>
>> $dig sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
>
> Do you block 53/tcp anywhere on the path to your nameserver?
> It rejects TCP queries:
>
> | dig +tcp sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
> | ;; Connection to 64.84.37.14#53(64.84.37.14) for
> sugardimplesdesigns.com failed: connection refused.
>
> This matches the error log from your secondary:
>
>> Description:
>> transfer of 'sugardimplesdesigns.com/IN' from 64.84.37.14#53:
>> failed to
>> connect: connection refused
>
> You must allow TCP to port 53 for DNS to function properly.
>
>> Appears to me I am refusing them, I do not see it in my logs, what
>> logs
>> would be it in, or what logging statements would I turn on to be
>> able to
>> diagnose this?
>
> I would probably first check if the server actually listens on 53/tcp
> (with fuser, netstat or similar) and then use tcpdump.
Good observation. This is a long standing issue that I assumed was
solved. Named on OS X will go deaf on port 53 tcp for some reason. I
just kicked it, and now I can tcp dig it.
$dig +tcp sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
ns1.hostwizard.com. scott.hostwizard.com. 2009062206 28800 7200
2419200 3600
I now the men and mice guys are familiar with this, if you guys are
reading, have you ever pinned this down, or found a solution to it?
--
Scott * If you contact me off list replace talklists@ with scott@ *
More information about the bind-users
mailing list