servfail only for a zone
Reindl Harald
h.reindl at thelounge.net
Mon Jul 13 18:21:20 UTC 2015
Am 13.07.2015 um 20:15 schrieb Lucio Crusca:
> Il 13/07/2015 19:51, Darcy Kevin (FCA) ha scritto:
>> Half an hour is ridiculous, to be honest. Unless you have 24x7x365
>> eyes-on-glass looking for zone transfer failures *constantly* and
>> ready and able to *instantly* pounce on any such problems and fix them
>> within minutes.
>
> You have been persuasive enough, I'm definitely going to raise the
> expire value, but now the question is: are the SERVFAIL replies a
> consequence of the low expire value?
most likely yes
zone transerfs are retried often, but that don't help with such low
expire times, the question still remains why they are failing on the
same host, but that's not a bind problem
as somebody else said: you must not run both nameservers on the same
host with the same internet connection, virtualization is fine but you
need at least a real HA cluster and independent lines for both to
minimze the possibility both nameservers are going down at the same time
i would recommend running http://www.intodns.com/ regulary for your domains
http://www.intodns.com/aquilacorde.com is a horrible result!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150713/fd0c22d7/attachment.bin>
More information about the bind-users
mailing list