dig 9.9.[234] unable to do zone transfers from MS windows Domain Controllers
ciphernix at gmail.com
ciphernix at gmail.com
Thu Nov 21 02:44:54 UTC 2013
I'm using dig to perform health checks on DNS servers. I've recently noticed that I'm unable to complete a full zone transfer from Windows DC when using a version of dig 9.9.2 or newer (I haven't tried older revisions of dig 9.9.x). Dig starts to pull the records from Microsoft Windows DC but fails around the same SRV record with a message ";; Got bad packet: extra input data". I had the SRVs record re-created but this did not solve the issue. There are over 40,000 records on this zone.
I can perform full zone transfers from the Windows DC if I use older versions of dig. I've tested with 9.3.6 and 9.7.0 and they all worked fine. I only seem to be having an issue with dig 9.9.x and the Windows DC controllers. I can transfer the same zone from Unix and Linux based BIND servers without any issues.
Bind 9.9.x is able to perform zone transfers from the Windows DC without any issue. Performing a named-checkzone against the zone file with bind 9.9.4 and bind 9.9.2 returns no errors. It looks like the issue is just with DIG 9.9.2 and 9.9.4 (possibly other versions of dig 9.9).
Has anyone ran into a similar issue? Any help would be greatly appreciated.
Thank you.
More information about the bind-users
mailing list