[nycbug-talk] dns slaves serve up empty data
Miles Nordin
carton at Ivy.NET
Thu Jul 30 22:22:36 EDT 2009
>>>>> "ms" == Marco Scoffier <marcoscoffier at gmail.com> writes:
>>>>> "b" == billtotman <billtotman at billtotman.com> writes:
ms> I was trying to test the zone transfer with telnet
the way you test zone transfers is:
dig metm.org. axfr @primary
Also in other cases of debugging broken slave servers, but not this
case, you may want to check:
dig metm.org. soa @<primary or secondary>
and look at the serial number. The slave will not AXFR unless the
master has a higher serial number. but, that is not your problem
because the slave is reporting SERVFAIL rather than old data---your
guess that the slave cannot download the zone and the Expire time in
the SOA has elapsed, is probably right.
b> Have you seen the latest DNS security reports and applied the
b> latest patches?
pfft, whatever.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20090730/91405153/attachment.bin>
More information about the talk
mailing list