[afnog] DNS zone transfer
Antonio Godinho
antonio at nambu.uem.mz
Fri Aug 12 10:27:13 EAT 2005
ns.foo.bar is a slave of foo.bar domain running bind 8 and ns2.foo.bar is
also a slave for foo.bar domain but running bind 9.3. The primary for the
foo.bar domain is a machine running bind 4, we can call it ns0.foo.bar.
I hope this helps.
Cheers,
On Thu, 11 Aug 2005 19:58:08 +0100, Brian Candler wrote
> On Thu, Aug 11, 2005 at 09:36:56PM +0300, Antonio Godinho wrote:
> > In a server with bind 8 which is working for the same purpose I get the
> > following answer when running the command dig:
> >
> > ;; Received 2 answers (1676 records).
> > ;; FROM: ns.foo.bar to SERVER: ns2.foo.bar
> > ;; WHEN: Thu Aug 11 20:45:53 2005
> >
> >
> > then when running the same command against itself (the bind 8 server,
which
> > is also a secondary for the same domains) I get:
> >
> >
> > ;; Received 2097 answers (2097 records).
> > ;; FROM: ns.foo.bar to SERVER: 127.0.0.1
> > ;; WHEN: Thu Aug 11 20:48:26 2005
> >
> > Look at the diff in number of records!
>
> Errm, well I'm a bit confused, and it's hard to diagnose when you're
> obfuscating the real domains.
>
> Are you saying
> (1) ns2.foo.bar is slave to ns.foo.bar ?
> Prove it. Dig the SOA record for the zones and show they're the same.
>
> (2) one or other of these machines is running bind 4?? According to what
> you wrote above, they're both running bind 8
>
> If one machine is master and the other slave, then yes they should
> serve the same records. If they don't (and one has 1676 whereas the
> other has 2097) then it should be straightforward enough to prove
> which records are missing. Use sort and diff -u. Then you can
> investigate why they're missing.
>
> I'm afraid I get bored quickly with guessing games. If you won't
> show the real domain, then debugging it is up to you. Good luck.
>
> Cheers,
>
> Brian.
--
Antonio Godinho
B.Sc.,MCP, MCSE, CCNA, CCNP
Maputo
Mozambique
More information about the afnog
mailing list