bind9.7.1 Skipping lots of Zone Transfers
Martin McCormick
martin at dc.cis.okstate.edu
Tue Oct 26 15:09:25 UTC 2010
Alan Clegg writes:
> Are you able to "dig @139.78.100.1 78.139.IN-ADDR.ARPA axfr" when logged
> into the slave?
No and your diagnosis was spot on.
> It seems that communications between the slave (which we don't know the
> IP address of) and the server at 139.78.100.1 is broken.
Oh, yes! it was definitely broken. The slave is on the
same subnet as the master so any firewalls had to be on one or
the other and it turned out some firewall rules I had been
using for probably 6 to 8 years or so do not work with tcp
transfers. individual lookups worked because they are mostly
udp.
To be truthful, the firewall was low on the trouble-shooting
list because it had worked for so long.
Thanks very much.
Martin McCormick
More information about the bind-users
mailing list