[nycbug-talk] dns slaves serve up empty data
Marco Scoffier
marcoscoffier at gmail.com
Thu Jul 30 22:47:48 EDT 2009
Sorry miles forgot the "reply all" to talk
On Thu, Jul 30, 2009 at 10:22 PM, Miles Nordin <carton at ivy.net> wrote:
>
>
> the way you test zone transfers is:
>
> dig metm.org. axfr @primary
>
thanks. I needed that.
>
> Also in other cases of debugging broken slave servers, but not this
> case, you may want to check:
>
> dig metm.org. soa @<primary or secondary>
>
> and look at the serial number. The slave will not AXFR unless the
> master has a higher serial number. but, that is not your problem
> because the slave is reporting SERVFAIL rather than old data---your
> guess that the slave cannot download the zone and the Expire time in
> the SOA has elapsed, is probably right.
I just increased the serial number to try to force a notify of the slaves
-- nothing happend
removed all the allow-transfer clauses from named.conf (which used to have
an acl with all the slaves in it)
and still the secondarys give a SERVFAIL .... grrr
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20090730/aadfc706/attachment.html>
More information about the talk
mailing list