DNS

[Juliet]

Hi

What should I do to resolve the following Event Viewer
events. Event 6537 and 6527.

Event ID 6527
Description: The zone xxxx.com expired before it could
obtain a successful zone transfer or update for a master
server acting as its source for the zone. The zone has
been shut down.

Event Id: 6534
Description: Failed transfer of zone xxxx.com for DNS
server at 192.168.x.x. The DNS server at 192.168.x.x
aborted or failed to coomplete the transfer of the zone.
Check DNS server at 192.168.x.x and ensure it is properly
functioning and authoratative for zone aficap.com


Thanks

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi

What should I do to resolve the following Event Viewer
events. Event 6537 and 6527.

Event ID 6527
Description: The zone xxxx.com expired before it could
obtain a successful zone transfer or update for a master
server acting as its source for the zone. The zone has
been shut down.

Event Id: 6534
Description: Failed transfer of zone xxxx.com for DNS
server at 192.168.x.x. The DNS server at 192.168.x.x
aborted or failed to coomplete the transfer of the zone.
Check DNS server at 192.168.x.x and ensure it is properly
functioning and authoratative for zone aficap.com


Thanks

Verify that you are allowing zone transfers to all IP address that exist on
the secondary DNS server, even if the secodary is not listening on all IP
addresses.

 

[Michael Johnston [MSFT]]

This indicates that the secondary zone was unable to transfer from the master for more than 24 hours. Once this happens, the secondary stops answering
requests for this zone. To fix the problem, we need to find out why the zone will not transfer. On the server hosting the secondary, open a command prompt.
Run NSLOOKUP and press enter. At the prompt type "server IP" where IP is the address of the server hosting the primary. Then type "ls -d zonename" where
zonename is the name of the zone that will not transfer. Note any errors. If you get an operation refused, then the primary is not configured to allow zone
transfers to you. If you get request timeout, TCP port 53 is most likely blocked. If you successfully get the zone data, then it would appear that the configuration
for the zone in DNS on the secondary is incorrect. Exit out of NSLOOKUP and the command prompt. Open the properties of the zone and verify that it has the
correct IP address of the master. Try forcing a zone transfer while taking a Netmon trace. Examine the trace for problems. You should see a TCP port 53
session from the secondary to the primary requesting the zone.

Thank you,
Mike Johnston [MSFT]
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.

 

[juliet]

hi
i was going through the tabs on the secondary server
located at my office and I noticed that on the name server
tab all the buttons are greyed out for the zone where the
transfers are suppose to be going to. The Ip address says
unknown on the tab as well.

when i performed the nslookup command and entered the
primary dns server information, it gives me back my zone
ip and servername. and it gives the error cannot
find "192.168.x.x" non-existant domain. when i did the
ls -d I also get back my info.

should i try recreting the zone. what should i do.

-----Original Message-----
This indicates that the secondary zone was unable to

transfer from the master for more than 24 hours. Once
this happens, the secondary stops answering

requests for this zone. To fix the problem, we need to

find out why the zone will not transfer. On the server
hosting the secondary, open a command prompt.

Run NSLOOKUP and press enter. At the prompt type "server

IP" where IP is the address of the server hosting the
primary. Then type "ls -d zonename" where

zonename is the name of the zone that will not transfer.

Note any errors. If you get an operation refused, then
the primary is not configured to allow zone

transfers to you. If you get request timeout, TCP port

53 is most likely blocked. If you successfully get the
zone data, then it would appear that the configuration

for the zone in DNS on the secondary is incorrect. Exit

out of NSLOOKUP and the command prompt. Open the
properties of the zone and verify that it has the

correct IP address of the master. Try forcing a zone

transfer while taking a Netmon trace. Examine the trace
for problems. You should see a TCP port 53

session from the secondary to the primary requesting the zone.

Thank you,
Mike Johnston [MSFT]
Microsoft Network Support

confers no rights. Use of included script samples are
subject to the terms specified at

http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all

responses to this message are best directed to the
newsgroup/thread from which they originated.

 

[Michael Johnston [MSFT]]

It's normal for the controls on the name server tab to be greyed out since this is a secondary. You can't edit this zone since it's a secondary. Try recreating the
zone. If that doesn't work, take a trace of a forced zone transfer and check for any errors in the trace. You could also enable DNS logging on the server. This
too make give more detail about why it's failing.

Thank you,
Mike Johnston [MSFT]
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.