#5277 Bind 9.9: Testing transfer of slave zone from .. .. from : Failed : /bin/dig: couldn't get address for '': not found

1.910
open
nobody
5
2019-09-23
2019-06-17
Tom
No

Hi all

I'm running 1.910 on latest CentOS 7 with BIND version 9.9.
I have a lot of slave zones. When I open a slave zone and click on "Test Zone Transfer", I get this error message:

Testing transfer of slave zone from ..
.. from : Failed : /bin/dig: couldn't get address for '': not found

This worked very well in the past, but since the last few versions it seems broken.

Any ideas how to fix it or what I'm doing wrong?

Br
Tom

Discussion

  • Christian

    Christian - 2019-06-19
     
    • Tom

      Tom - 2019-06-19

      I like - thank you(!)

       
    • Tom

      Tom - 2019-06-19

      I confirm, works as expected:

      Result:
      Testing transfer of slave zone from 10.0.1.30 ..
      .. from 10.0.1.30 : Completed OK
      Test transfer successfully fetched 10 records from at least one nameserver. Actual transfers by BIND should also succeed.

       
  • penguinpages

    penguinpages - 2019-08-29

    I am trying to get DNS replication setup as a cluster peer.

    Goal is to have peer replica DNS servers such that both are able to make store and forward changes for a given set of zones.

    I downloaded this change and am getting an error

    wget http://www.webmin.com/jcameron-key.asc
    rpm --import jcameron-key.asc
    vi /etc/yum.repos.d/webmin.repo
    [Webmin]
    name=Webmin Distribution Neutral

    baseurl=http://download.webmin.com/download/yum

    mirrorlist=http://download.webmin.com/download/yum/mirrorlist
    enabled=1
    yum install webmin

    fix webex bind zone transfer issue https://sourceforge.net/p/webadmin/bugs/5277/

    mv /usr/libexec/webmin/bind8/xfer.cgi /usr/libexec/webmin/bind8/xfer.cgi.orig
    wget https://github.com/webmin/webmin/blob/2d232f070e45b301e23d4d5b26994ec4b8abf6ab/bind8/xfer.cgi

    Error on test Zone Transfer:
    500 - Error - Perl execution failed
    Excessively long <> operator at /usr/libexec/webmin/bind8/xfer.cgi line 21.

    Line 21 is...



     
    • Jamie Cameron

      Jamie Cameron - 2019-08-30

      So what's on line 21 ?

       
  • penguinpages

    penguinpages - 2019-09-01

    That file fixes the forward zone. But my reverse zones do not transfer.

    One thing also is that even though I select to add PTR records when I add A records, it is not adding them to the Reverse zones

    I have one forward

    Ex: acme.com

    and four reverse
    172.16.100.0
    172.16.101.0
    172.16.102.0
    172.16.103.0

    I have tried to google around and find some documentation on how to make two Linux DNS servers work as peers, doing zone transfers with DDNS so I can bind it to OpenShift.

     
    • Christian

      Christian - 2019-09-02

      I can find no error.
      Try this:

      master: /etc/bind/named.conf.local
      
      zone "2.1.0.in-addr.arpa" {
              type master;
              file "/var/lib/bind/0.1.2.rev";
              };
      
      
      master: /var/lib/bind/0.1.2.rev
      
      $ttl 38400
      2.1.0.in-addr.arpa.     IN      SOA     XXX.XXX. test-0-1-2-reverse.XXX.XXX. (
                              2019090204
                              10800
                              3600
                              604800
                              38400 )
      2.1.0.in-addr.arpa.     IN      NS      XXX.XXX.
      3.2.1.0.in-addr.arpa.   IN      PTR     host3.XXX.XXX.
      
      
      
      
      
      slave: /etc/bind/named.conf.local
      
      zone "2.1.0.in-addr.arpa" {
              type slave;
              masters {
                      xxxx:xxxx:xxxx:xxxx::xxxx;
                      xxx.xxx.xxx.xxx;
                      };
              file "/var/lib/bind/0.1.2.rev";
              };
      
      
      slave: /var/lib/bind/0.1.2.rev
      
      $ORIGIN .
      $TTL 38400      ; 10 hours 40 minutes
      2.1.0.in-addr.arpa      IN SOA  XXX.XXX. test-0-1-2-reverse.XXX.XXX. (
                                      2019090204 ; serial
                                      10800      ; refresh (3 hours)
                                      3600       ; retry (1 hour)
                                      604800     ; expire (1 week)
                                      38400      ; minimum (10 hours 40 minutes)
                                      )
                              NS      XXX.XXX.
      $ORIGIN 2.1.0.in-addr.arpa.
      3                       PTR     host3.XXX.XXX.
      
      
      
      
      
      slave: Test Zone Transfer
      0.1.2   
      Testing transfer of slave zone from xxxx:xxxx:xxxx:xxxx::xxxx xxx.xxx.xxx.xxx ..
      .. from xxxx:xxxx:xxxx:xxxx::xxxx : Completed OK
      .. from xxx.xxx.xxx.xxx : Completed OK
      
      Test transfer successfully fetched 4 records from at least one nameserver. Actual transfers by BIND should also succeed.
      
       
    • penguinpages

      penguinpages - 2019-09-19

      Update to this post. The reason for the lack of link of forward to reverse is that the name of the zone is not as Webmin expects. I was using the full "subnet name", Ex: 172.16.100.0, and what you have to do is use the short name, Ex: 172.16.100. If you add the .0 it fails.

       
  • Jamie Cameron

    Jamie Cameron - 2019-09-01

    Can you post the entries in your /etc/named.conf for those reverse zones?

     
  • penguinpages

    penguinpages - 2019-09-19

    I will post here as I believe this is in the same related thread.

    The reverse zone now allows a PTR record to be created when an A record is created. But when I go to my "slave server" I get an error on the test to transfer the zone (and it is listed in the servers to allow transfer and notify of changes).

    Testing transfer of slave zone from 172.16.100.41 ..
    .. from 172.16.100.41 : Failed : ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> IN AXFR 0.100.16.172.in-addr.arpa @172.16.100.41 ;; global options: +cmd ; Transfer failed.

    I did a test dump and re-create of the zone file, and there are some odd errors in /var/log/messages:

    Sep 19 12:11:56 ns02 named[12503]: received control channel command 'sync 0.100.16.172.in-addr.arpa'
    Sep 19 12:11:56 ns02 named[12503]: sync: dumping zone '0.100.16.172.in-addr.arpa/IN': success
    Sep 19 12:12:28 ns02 named[12503]: received control channel command 'sync 100.16.172.in-addr.arpa'
    Sep 19 12:12:57 ns02 named[12503]: zone 0.100.16.172.in-addr.arpa/IN: refresh: unexpected rcode (REFUSED) from master 172.16.100.41#53 (source 0.0.0.0#0)
    Sep 19 12:12:57 ns02 named[12503]: zone 0.100.16.172.in-addr.arpa/IN: Transfer started.
    Sep 19 12:12:57 ns02 named[12503]: transfer of '0.100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: connected using 172.16.100.42#55350
    Sep 19 12:12:58 ns02 named[12503]: transfer of '0.100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: failed while receiving responses: NOTAUTH
    Sep 19 12:12:58 ns02 named[12503]: transfer of '0.100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer status: NOTAUTH
    Sep 19 12:12:58 ns02 named[12503]: transfer of '0.100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
    Sep 19 12:13:19 ns02 named[12503]: received control channel command 'sync 100.16.172.in-addr.arpa'
    Sep 19 12:13:55 ns02 named[12503]: received control channel command 'sync 100.16.172.in-addr.arpa'
    Sep 19 12:13:57 ns02 named[12503]: received control channel command 'freeze 100.16.172.in-addr.arpa'
    Sep 19 12:13:58 ns02 named[12503]: received control channel command 'reload 100.16.172.in-addr.arpa'
    Sep 19 12:13:59 ns02 named[12503]: received control channel command 'thaw 100.16.172.in-addr.arpa'
    Sep 19 12:14:00 ns02 systemd: Stopping Berkeley Internet Name Domain (DNS)...
    Sep 19 12:14:00 ns02 named[12503]: received control channel command 'stop'
    Sep 19 12:14:00 ns02 named[12503]: shutting down: flushing changes
    Sep 19 12:14:00 ns02 named[12503]: stopping command channel on 127.0.0.1#953
    Sep 19 12:14:00 ns02 named[12503]: no longer listening on 172.16.100.42#53
    Sep 19 12:14:00 ns02 named[12503]: no longer listening on ::1#53
    Sep 19 12:14:00 ns02 named[12503]: exiting
    Sep 19 12:14:00 ns02 systemd: Stopped Berkeley Internet Name Domain (DNS).
    Sep 19 12:14:01 ns02 systemd: Starting Generate rndc key for BIND (DNS)...
    Sep 19 12:14:01 ns02 systemd: Started Generate rndc key for BIND (DNS).
    Sep 19 12:14:01 ns02 systemd: Starting Berkeley Internet Name Domain (DNS)...
    Sep 19 12:14:01 ns02 bash: zone localhost.localdomain/IN: loaded serial 0
    Sep 19 12:14:01 ns02 bash: zone localhost/IN: loaded serial 0
    Sep 19 12:14:01 ns02 bash: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
    Sep 19 12:14:01 ns02 bash: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
    Sep 19 12:14:01 ns02 bash: zone 0.in-addr.arpa/IN: loaded serial 0
    Sep 19 12:14:01 ns02 named[13987]: starting BIND 9.11.4-P2-RedHat-9.11.4-9.P2.el7 (Extended Support Version) <id:7107deb>
    Sep 19 12:14:01 ns02 named[13987]: running on Linux x86_64 3.10.0-1062.1.1.el7.x86_64 #1 SMP Fri Sep 13 22:55:44 UTC 2019
    Sep 19 12:14:01 ns02 named[13987]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-python=/usr/bin/python' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--enable-filter-aaaa' '--enable-rrl' '--with-pic' '--disable-static' '--includedir=/usr/include/bind9' '--with-geoip' '--with-libidn' '--enable-openssl-hash' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib64/pkcs11/libsofthsm2.so' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-bdb=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-lmdb=no' '--with-atf=yes' '--enable-fixed-rrset' '--with-tuning=large' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' '--enable-full-report' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
    Sep 19 12:14:01 ns02 named[13987]: running as: named -u named -c /etc/named.conf
    Sep 19 12:14:01 ns02 named[13987]: compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-39)
    Sep 19 12:14:01 ns02 named[13987]: compiled with OpenSSL version: OpenSSL 1.0.2k 26 Jan 2017
    Sep 19 12:14:01 ns02 named[13987]: linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
    Sep 19 12:14:01 ns02 named[13987]: compiled with libxml2 version: 2.9.1
    Sep 19 12:14:01 ns02 named[13987]: linked to libxml2 version: 20901
    Sep 19 12:14:01 ns02 named[13987]: compiled with zlib version: 1.2.7
    Sep 19 12:14:01 ns02 named[13987]: linked to zlib version: 1.2.7
    Sep 19 12:14:01 ns02 named[13987]: threads support is enabled
    Sep 19 12:14:01 ns02 named[13987]: ----------------------------------------------------
    Sep 19 12:14:01 ns02 named[13987]: BIND 9 is maintained by Internet Systems Consortium,
    Sep 19 12:14:01 ns02 named[13987]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
    Sep 19 12:14:01 ns02 named[13987]: corporation. Support and training for BIND 9 are
    Sep 19 12:14:01 ns02 named[13987]: available at https://www.isc.org/support
    Sep 19 12:14:01 ns02 named[13987]: ----------------------------------------------------
    Sep 19 12:14:01 ns02 named[13987]: adjusted limit on open files from 4096 to 1048576
    Sep 19 12:14:01 ns02 named[13987]: found 4 CPUs, using 4 worker threads
    Sep 19 12:14:01 ns02 named[13987]: using 3 UDP listeners per interface
    Sep 19 12:14:01 ns02 named[13987]: using up to 21000 sockets
    Sep 19 12:14:01 ns02 named[13987]: loading configuration from '/etc/named.conf'
    Sep 19 12:14:01 ns02 named[13987]: reading built-in trust anchors from file '/etc/named.root.key'
    Sep 19 12:14:01 ns02 named[13987]: initializing GeoIP Country (IPv4) (type 1) DB
    Sep 19 12:14:01 ns02 named[13987]: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
    Sep 19 12:14:01 ns02 named[13987]: initializing GeoIP Country (IPv6) (type 12) DB
    Sep 19 12:14:01 ns02 named[13987]: GEO-106FREE 20180605 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved
    Sep 19 12:14:01 ns02 named[13987]: GeoIP City (IPv4) (type 2) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP City (IPv4) (type 6) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP City (IPv6) (type 30) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP City (IPv6) (type 31) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP Region (type 3) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP Region (type 7) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP ISP (type 4) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP Org (type 5) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP AS (type 9) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP Domain (type 11) DB not available
    Sep 19 12:14:01 ns02 named[13987]: GeoIP NetSpeed (type 10) DB not available
    Sep 19 12:14:01 ns02 named[13987]: using default UDP/IPv4 port range: [32768, 60999]
    Sep 19 12:14:01 ns02 named[13987]: using default UDP/IPv6 port range: [32768, 60999]
    Sep 19 12:14:01 ns02 named[13987]: listening on IPv4 interface eth0, 172.16.100.42#53
    Sep 19 12:14:01 ns02 named[13987]: listening on IPv6 interface lo, ::1#53
    Sep 19 12:14:01 ns02 named[13987]: generating session key for dynamic DNS
    Sep 19 12:14:01 ns02 named[13987]: sizing zone task pool based on 8 zones
    Sep 19 12:14:01 ns02 named[13987]: none:104: 'max-cache-size 90%' - setting to 1394MB (out of 1549MB)
    Sep 19 12:14:01 ns02 named[13987]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind'
    Sep 19 12:14:02 ns02 named[13987]: none:104: 'max-cache-size 90%' - setting to 1394MB (out of 1549MB)
    Sep 19 12:14:02 ns02 named[13987]: command channel listening on 127.0.0.1#953
    Sep 19 12:14:02 ns02 named[13987]: managed-keys-zone: journal file is out of date: removing journal file
    Sep 19 12:14:02 ns02 named[13987]: managed-keys-zone: loaded serial 23
    Sep 19 12:14:02 ns02 named[13987]: zone 0.in-addr.arpa/IN: loaded serial 0
    Sep 19 12:14:02 ns02 named[13987]: zone localhost/IN: loaded serial 0
    Sep 19 12:14:02 ns02 named[13987]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
    Sep 19 12:14:02 ns02 named[13987]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
    Sep 19 12:14:02 ns02 named[13987]: zone penguinpages.local/IN: loaded serial 1568897613
    Sep 19 12:14:02 ns02 named[13987]: ../../../lib/dns/master.c:2188: unexpected error:
    Sep 19 12:14:02 ns02 named[13987]: isc_stdio_read failed: end of file
    Sep 19 12:14:02 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: loading from master file /var/named/slaves/172.16.100.rev failed: end of file
    Sep 19 12:14:02 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: unable to load from '/var/named/slaves/172.16.100.rev'; renaming file to '/var/named/slaves/db-7NqBlc1j' for failure analysis and retransferring.
    Sep 19 12:14:02 ns02 named[13987]: zone localhost.localdomain/IN: loaded serial 0
    Sep 19 12:14:02 ns02 named[13987]: all zones loaded
    Sep 19 12:14:02 ns02 named[13987]: running
    Sep 19 12:14:02 ns02 named[13987]: zone penguinpages.local/IN: sending notifies (serial 1568897613)
    Sep 19 12:14:02 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: refresh: unexpected rcode (REFUSED) from master 172.16.100.41#53 (source 0.0.0.0#0)
    Sep 19 12:14:02 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: Transfer started.
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:200::b#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:200::b#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:2::c#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:2::c#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:503:ba3e::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:503:ba3e::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:9f::42#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:9f::42#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:2f::f#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:2f::f#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:7fe::53#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:7fe::53#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:dc3::35#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:dc3::35#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:a8::e#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:a8::e#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:7fd::1#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:7fd::1#53
    Sep 19 12:14:02 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: connected using 172.16.100.42#51250
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './DNSKEY/IN': 2001:500:12::d0d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './NS/IN': 2001:500:12::d0d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './DNSKEY/IN': 2001:500:1::53#53
    Sep 19 12:14:02 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: failed while receiving responses: REFUSED
    Sep 19 12:14:02 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer status: REFUSED
    Sep 19 12:14:02 ns02 systemd: Started Berkeley Internet Name Domain (DNS).
    Sep 19 12:14:02 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './NS/IN': 2001:500:1::53#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './DNSKEY/IN': 2001:500:2d::d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:12::d0d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './NS/IN': 2001:500:2d::d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:12::d0d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './DNSKEY/IN': 2001:503:c27::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:1::53#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './NS/IN': 2001:503:c27::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:1::53#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './DNSKEY/IN': 2001:500:200::b#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:500:2d::d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:500:2d::d#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/A/IN': 2001:503:c27::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving './NS/IN': 2001:500:200::b#53
    Sep 19 12:14:02 ns02 named[13987]: network unreachable resolving 'ns02/AAAA/IN': 2001:503:c27::2:30#53
    Sep 19 12:14:02 ns02 named[13987]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
    Sep 19 12:14:02 ns02 named[13987]: resolver priming query complete
    Sep 19 12:14:59 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: refresh: unexpected rcode (REFUSED) from master 172.16.100.41#53 (source 0.0.0.0#0)
    Sep 19 12:14:59 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: Transfer started.
    Sep 19 12:14:59 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: connected using 172.16.100.42#50644
    Sep 19 12:14:59 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: failed while receiving responses: REFUSED
    Sep 19 12:14:59 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer status: REFUSED
    Sep 19 12:14:59 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)

    If I restart BIND it starts OK, but with a lot of errors about:
    network unreachable resolving './DNSKEY/IN': 2001:503:c27::2:30#53

    But I think these are IPv6 related (https://serverfault.com/questions/639061/network-unreachable-error-in-my-server-logs) and I will tackle that later. One error at a time :)
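
Added example, not part of the original thread and not Webmin or BIND code: a small Python triage script that pulls the final `Transfer status` per zone out of named log lines like the ones posted above and flags a reverse zone whose name carries an extra leading label, the `172.16.100.0` versus `172.16.100` naming problem reported earlier in the thread. The `/24` prefix for 172.16.100.0 and the hint wording are assumptions; the log lines are excerpted from the post above.

```python
import ipaddress
import re

# Excerpt of the named log posted above (ns02 is the slave).
SAMPLE_LOG = """\
Sep 19 12:12:57 ns02 named[12503]: zone 0.100.16.172.in-addr.arpa/IN: refresh: unexpected rcode (REFUSED) from master 172.16.100.41#53 (source 0.0.0.0#0)
Sep 19 12:12:58 ns02 named[12503]: transfer of '0.100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer status: NOTAUTH
Sep 19 12:14:02 ns02 named[13987]: zone penguinpages.local/IN: sending notifies (serial 1568897613)
Sep 19 12:14:02 ns02 named[13987]: zone 100.16.172.in-addr.arpa/IN: refresh: unexpected rcode (REFUSED) from master 172.16.100.41#53 (source 0.0.0.0#0)
Sep 19 12:14:02 ns02 named[13987]: transfer of '100.16.172.in-addr.arpa/IN' from 172.16.100.41#53: Transfer status: REFUSED
""".splitlines()

# Matches the per-transfer summary line that named writes on the slave.
STATUS_RE = re.compile(
    r"transfer of '(?P<zone>[^'/]+)/IN' from (?P<master>[^#\s]+)#\d+: "
    r"Transfer status: (?P<status>\w+)"
)

# Where to look first for each response code (general DNS rcode meaning).
HINTS = {
    "REFUSED": "master refused the request: check allow-transfer "
               "(and allow-query) for this zone on the master",
    "NOTAUTH": "master is not authoritative for this zone name: check that "
               "the zone exists under the same name on the master",
}


def expected_reverse_zone(cidr):
    """Return the in-addr.arpa zone name for an IPv4 /8, /16 or /24 network."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only IPv4 /8, /16 and /24 map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def failed_transfers(lines):
    """Return {(zone, master): status} using the last status seen per pair."""
    last = {}
    for line in lines:
        m = STATUS_RE.search(line)
        if m:
            last[(m["zone"].lower(), m["master"])] = m["status"]
    # A later successful transfer clears an earlier failure.
    return {k: v for k, v in last.items() if v != "success"}


def diagnose(lines, networks):
    """Return one finding per failing zone, with hints on what to check."""
    expected = {expected_reverse_zone(n) for n in networks}
    findings = []
    for (zone, master), status in sorted(failed_transfers(lines).items()):
        notes = [HINTS.get(status, "see the master's log for the reason")]
        if zone.endswith(".in-addr.arpa") and zone not in expected:
            parent = zone.split(".", 1)[1]
            if parent in expected:
                notes.append("zone name has an extra leading label; "
                             f"the zone for this network is {parent}")
        findings.append({"zone": zone, "master": master,
                         "status": status, "notes": notes})
    return findings


if __name__ == "__main__":
    # 172.16.100.0/24 is assumed from the reverse zones listed in the thread.
    for f in diagnose(SAMPLE_LOG, ["172.16.100.0/24"]):
        print(f"{f['zone']} <- {f['master']}: {f['status']}")
        for note in f["notes"]:
            print(f"    {note}")
```
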

     
  • Jamie Cameron

    Jamie Cameron - 2019-09-22

    Did you also setup that reverse zone to allow transfers from the master? It would need to be configured entirely separately from any forward zones.

     
  • penguinpages

    penguinpages - 2019-09-23

    I did but initially it was not transferring. I am not 100% sure which setting fixed the lack of transfer. I think it was explicitly calling out:

    Zone Options -> Allow updates from.. and listing both servers.

    My concern with this is that the end goal is to support OpenShift V4 which has some very specific DNS requirements.

    My goal was that they would be peers, but it seems that one is master and the other slave, and I can just promote different roles as needed.

     
