Hi Anand, That makes perfect sense - thank you! I will play with my refresh values and confirm this is in fact what is happening.
Regards, Chris ----- Original Message ----- From: "Anand Buddhdev" <ana...@ripe.net> To: "chris" <ch...@dunbar.net> Cc: "nsd-users" <nsd-users@lists.nlnetlabs.nl> Sent: Thursday, July 29, 2021 1:03:39 PM Subject: Re: [nsd-users] axfr appears to happen every few minutes On 29/07/2021 15:47, Chris Dunbar via nsd-users wrote: Hi Chris, When NSD wants to refresh a zone, it does not query the master for the zone's SOA record over UDP. Instead, it attempts to do a zone transfer over TCP. It then looks at the first packet of the transfer, and looks for the SOA record in there. If the primary has a newer version of the zone, it completes the transfer. However, if the serial is the same, it abandons the transfer. I suspect that the refresh value in your zones' SOA records is quite low, so the NSD secondaries keep trying frequently, and you see this logged on the primary. Regards, Anand Buddhdev RIPE NCC > Hello, > > I am new to nsd and have been setting up a few servers to eventually replace > my bind servers. Things have been going reasonably well; most problems have > been of my own making. This may be another instance of that, but I would like > to double check. I noticed that in the log file zones appear to be > transferring repeatedly, every few minutes. For example: > > [2021-07-29 13:17:54.719] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from > 5x.xx.xxx.8 > > [2021-07-29 13:22:46.880] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from > 5x.xx.xxx.8 > > [2021-07-29 13:27:20.024] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from > 5x.xx.xxx.8 > > 2021-07-29 13:32:11.180] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from > 5x.xx.xxx.8 > > I've tried to sanitize things a bit, but that is the same zone being > transferred to the same secondary server every 4 to 5 minutes. This is > happening for all of my zones and all of my secondaries. > > 1. Am I interpreting that correctly? > > 2. If yes, Is that normal behavior? > > 3. If no (to #2), what have I likely misconfigured? > > Please let me know if I should provide any additional information. > > Thank you, > Chris > > > _______________________________________________ > nsd-users mailing list > nsd-users@lists.nlnetlabs.nl > https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users > _______________________________________________ nsd-users mailing list nsd-users@lists.nlnetlabs.nl https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
