Mysterious Zone Transfer Problem


Christos Kritikos

Hi,

I have configured my primary DNS server to transfer
zones "only to servers listed in the name server tab". I
have three secondary DNS servers all listed in the
corresponding tab. However zone transfers only work for
one of them. The rest of them fail. Notice that if I allow
zone transfer "to all servers" then the zone gets
transferred without problems. Any ideas?

trivia:
primary DNS: Win2k server
secondary DNS: Win2k Adv Servers on a webfarm
All servers run SP4

thanks
christos
 

Kevin D. Goodknecht

In
Christos Kritikos said:
Hi,

I have configured my primary DNS server to transfer
zones "only to servers listed in the name server tab". I
have three secondary DNS servers all listed in the
corresponding tab. However zone transfers only work for
one of them. The rest of them fail. Notice that if I allow
zone transfer "to all servers" then the zone gets
transferred without problems. Any ideas?

trivia:
primary DNS: Win2k server
secondary DNS: Win2k Adv Servers on a webfarm
All servers run SP4

thanks
christos

Allowing zone transfers to DNS servers listed on the Name server tab will
not work if the NS record resolves to a different IP than it makes its
connection from.
You need to allow zone transfers to the IP that the secondary connects from.
 

Michael Johnston [MSFT]

You will need to verify the IP address that these secondaries are using. This may not necessarily be the IP bound to the card, or, if the server is multihomed,
it may not source the zone transfer request from the expected IP address. If the servers are behind a NAT device or firewall, then it may be the firewall's
address that the primary DNS server sees in the request. You can enable DNS logging on the primary and then force a zone transfer from the failing
secondary. Check the DNS log to see what source IP address requested the zone transfer. Logging is enabled through the DNS MMC. Open the properties
of the DNS server in the DNS MMC and click on the Logging tab. Enable all options and restart the DNS service. In the winnt\system32\dns directory a
dns.log file will be created logging all DNS queries. Force the query from the secondary then check this log. Be sure to disable logging once you have the
data.

Thank you,
Mike Johnston

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
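
The log check described in the replies above, as an added example that is not part of the original posts: it pulls the source address of each zone-transfer request (AXFR/IXFR) out of DNS log text and reports any address that is not among those the Name Servers tab entries resolve to. The one-line-per-packet log layout is an assumption (the real dns.log layout varies by Windows version), and the sample lines, addresses and names (`SAMPLE_LOG`, `NS_TAB_ADDRESSES`, `transfer_sources`, `unexpected_sources`) are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines, not taken from the thread. Assumed layout: one
# line per packet, "Rcv" marking a received packet, remote IP right after it.
SAMPLE_LOG = """\
10:15:01 0E8C PACKET TCP Rcv 192.0.2.11 0a01 Q [0000 NOERROR] AXFR example.com.
10:15:02 0E8C PACKET UDP Rcv 192.0.2.50 0a02 Q [0001 D NOERROR] A www.example.com.
10:16:10 0E8C PACKET TCP Rcv 203.0.113.7 0b01 Q [0000 NOERROR] AXFR example.com.
10:16:40 0E8C PACKET TCP Rcv 203.0.113.7 0b02 Q [0000 NOERROR] IXFR example.com.
10:17:05 0E8C PACKET TCP Rcv 198.51.100.23 0c01 Q [0000 NOERROR] AXFR example.com.
"""

# Hypothetical addresses that the NS records of the three secondaries resolve to.
NS_TAB_ADDRESSES = {"192.0.2.11", "192.0.2.12", "192.0.2.13"}

IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
XFR = re.compile(r"\b(AXFR|IXFR)\b")


def transfer_sources(log_text):
    """Count received zone-transfer requests per source IP."""
    counts = Counter()
    for line in log_text.splitlines():
        # Only received packets that ask for a full or incremental transfer.
        if " Rcv " not in line or not XFR.search(line):
            continue
        for token in IPV4.findall(line):
            try:
                ip = str(ipaddress.ip_address(token))
            except ValueError:
                continue  # dotted number that is not a valid IPv4 address
            counts[ip] += 1
            break  # first address on the line is the remote end (assumed layout)
    return counts


def unexpected_sources(log_text, allowed):
    """Return {ip: request_count} for transfer sources missing from `allowed`."""
    allowed = {str(ipaddress.ip_address(a)) for a in allowed}
    return {ip: n for ip, n in transfer_sources(log_text).items() if ip not in allowed}


if __name__ == "__main__":
    for ip, n in sorted(unexpected_sources(SAMPLE_LOG, NS_TAB_ADDRESSES).items()):
        print(f"{ip}: {n} transfer request(s) from an address not on the Name Servers list")
```

An address reported here is the one the primary actually sees (a second NIC, a NAT device or a firewall), so it is the one to check before it is added to the allowed transfer list.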
 
