Thanks for the response.
Forgot to mention there is no firewall between the subnets. I was
able to successfully telnet to port 53 from the master to slave and
from the slave to master. Also have tcpdump info
Here are my configs.
Thanks!
options {
directory "/var/named";
pid-file "/var/named/data/named.pid";
statistics-file "/var/named/data/named.stats";
dump-file "/var/named/data/named.db";
allow-transfer {key test; };
notify yes;
also-notify { 192.168.16.10 };
recursive-clients 10000;
cleaning-interval 30;
};
zone "." in {
type hint;
file "named.ca";
};
zone "cromwellconsultant.net" in {
type master;
file "example.net";
};
zone "6.168.192.in-addr.arpa" in {
type master;
file "6.168.192";
};
zone "16.168.192.in-addr.arpa" in {
type master;
file "16.168.192";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "named.local";
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
options {
directory "/var/named";
pid-file "/var/named/data/named.pid";
statistics-file "/var/named/data/named.stats";
dump-file "/var/named/data/named.db";
allow-transfer { none; };
notify no;
recursive-clients 10000;
cleaning-interval 30;
};
zone "." in {
type hint;
file "named.ca";
};
zone "cromwellconsultant.net" in {
type slave;
masters {192.168.6.10; };
file "slaves/bak.cromwellconsultant.net";
};
zone "6.168.192.in-addr.arpa" in {
type slave;
masters {192.168.6.10; };
file "slaves/bak.192.168";
};
zone "16.168.192.in-addr.arpa" in {
type slave;
masters {192.168.6.10; };
file "slaves/bak.192.168";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "named.local";
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
};
Here is the error messages again from the slave
Sep 24 09:38:43 ns2 named[11967]: client 192.168.6.10#32839: received
notify for zone 'cromwellconsultant.net'
Sep 24 09:38:43 ns2 named[11967]: zone cromwellconsultant.net/IN:
Transfer started.
Sep 24 09:38:43 ns2 named[11967]: transfer of 'cromwellconsultant.net/
IN' from 192.168.6.10#53: connected using 192.168.16.10#50190
Sep 24 09:42:09 ns2 named[11967]: transfer of 'cromwellconsultant.net/
IN' from 192.168.6.10#53: failed while receiving responses:
connection reset
Sep 24 09:42:09 ns2 named[11967]: transfer of 'cromwellconsultant.net/
IN' from 192.168.6.10#53: end of transfer
Here is some dump info from the slave
21:31:30.339532 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
proto: UDP (17), length: 57) ns2.cromwellconsultant.net.domain >
ns1.cromwellconsultant.net.32839: 54589 notify* 0/0/0 (29)
21:31:30.339662 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
proto: UDP (17), length: 146) ns2.cromwellconsultant.net.32825 >
ns1.cromwellconsultant.net.domain: 28457 [2au] SOA? berklee.net. (118)
21:31:30.340769 IP (tos 0x0, ttl 64, id 25023, offset 0, flags [DF],
proto: TCP (6), length: 60) ns2.cromwellconsultant.net.50679 >
ns1.cromwellconsultant.net.domain: S, cksum 0xb5c9 (correct),
402274578:402274578(0) win 5840 <mss 1460,sackOK,timestamp 3780532397
0,nop,wscale 7>
21:31:30.340942 IP (tos 0x0, ttl 64, id 25024, offset 0, flags [DF],
proto: TCP (6), length: 52) ns2.cromwellconsultant.net.50679 >
ns1.cromwellconsultant.net.domain: ., cksum 0x3939 (correct), ack
1631924298 win 46 <nop,nop,timestamp 3780532398 4251529972>
21:31:30.341123 IP (tos 0x0, ttl 64, id 25025, offset 0, flags [DF],
proto: TCP (6), length: 54) ns2.cromwellconusultant.50679 >
ns1.cromwellconsultant.net.domain: P, cksum 0x2a52 (incorrect (->
0x388a), 0:2(2) ack 1 win 46 <nop,nop,timestamp 3780532398 4251529972>
21:31:30.542585 IP (tos 0x0, ttl 64, id 25026, offset 0, flags [DF],
proto: TCP (6), length: 54) ns2.cromwellconsultant.net.50679 >
ns1.cromwellconsultant.net.domain: P, cksum 0x2a52 (incorrect (->
0x37c1), 0:2(2) ack 1 win 46 <nop,nop,timestamp 3780532599 4251529972>
21:31:30.944568 IP (tos 0x0, ttl 64, id 25027, offset 0, flags [DF],
proto: TCP (6), length: 54) ns2.cromwellconsultant.net.50679 >
ns1.cromwellconsultant.net.domain: P, cksum 0x2a52 (incorrect (->
0x362f), 0:2(2) ack 1 win 46 <nop,nop,timestamp 3780533001 4251529972>
21:31:31.748550 IP (tos 0x0, ttl 64, id 25028, offset 0, flags [DF],
proto: TCP (6), length: 54) ns2.cromwellconsultant.net.50679 >
ns1.cromwellconsultant.net.domain: P, cksum 0x2a52 (incorrect (->
0x330b), 0:2(2) ack 1 win 46 <nop,nop,timestamp 3780533805 4251529972>
Many thanks
On Sep 23, 2008, at 3:58 PM, Dawn Connelly wrote:
> can you telnet on port 53 between the boxes? Most of the time when
> I have seen a connection reset, it's a firewall in the middle.
> Other possibility is that the source IP is getting NAT'd to a
> different IP address by the time it hits the master server. Run a
> tcpdump or snoop or whatever for your platform to see if the
> traffic is actually making it from one box to the other in the way
> that you expect. At least, that is where I would start. If you
> don't see any traffic, look at what devices would be blocking or
> changing it.
>
> What do the logs on the master server say? Can you send a scrubbed
> named.conf so we can make sure that the zone transfers are set up
> correctly?
>
> On Tue, Sep 23, 2008 at 12:39 PM, Wayne Cromwell
> <[EMAIL PROTECTED]> wrote:
> Hi,
>
> When I do a rndc reload of my zones, I'm getting the error messages
> below on the slave. All seems in good order with my conf file on the
> master and slave . I checked permissions and all is well. I restarted
> named on my slave, but my slave dns still timeouts with the transfer.
> Any help will greatly be appreciated.
>
> Thanks
>
>
> client 192.168.6.10#32839: received notify for zone
> 'cromwellconsultant.net'
> Sep 23 10:49:05 ns2 named[25536]: zone cromwellconsultant.net/IN:
> Transfer started.
> Sep 23 10:49:05 ns2 named[25536]: transfer of 'cromwellconsultant.net/
> IN' from 192.168.6.10#53: connected using 192.168.6.10#47364
> transfer of 'cromwellconsultent.net/IN' from 192.168.6.10#53: failed
> while receiving responses: connection reset
> Sep 23 10:52:31 ns2 named[25536]: transfer of 'cromwellconsultant.net/
> IN' from 192.168.6.10#53: end of transfer
>
>
>
>
>
> --
> Google for President
> YouTube for VP
> in any year divisible by 4
>
