Help! Zone transfer failures with BIND 9.2.3

Discussion in 'DNS Server' started by clburke, Mar 14, 2006.

  1. clburke

    clburke Guest

    Hello,

    I am in the process of trying to replace an HP-UX BIND 4.x server with a
    Windows 2003 DNS server. The current HP-UX BIND 4.x is a secondary for two
    zones that are transferred from another organization. As we try to replace
    the BIND 4.x server, we are running into a major problem doing zone transfers
    with the "source" of these two, aforementioned zones, a server running BIND
    9.2.3 (our firewall.)

    We've been able to recreate the problem on a standard Linux box running BIND
    9.2.3 -- we've attempted to perform zone transfers from this server running
    BIND 9.2.3 with both Windows Server 2003 SP1 and Windows 2000 SP4. In both
    cases, we receive the following error (after seeing all the zone data
    transfer in the debug log:)

    "The DNS server failed to process a packet from <source IP>. The packet was
    discarded."

    The transfer then dies silently (on the BIND side) and simply fails to
    create the database file on the Windows server.

    Some items to note:

    1. The zone file is large-ish (42k.)
    2. The BIND 9.2.3 server (where I'm transferring from) is a secondary ALSO
    for this zone -- I'm trying to create a secondary from a secondary.
    3. I CAN transfer the zone from the BIND 4.x server
    4. The error that is generated in the event log is:
    Event Type: Warning
    Event Source: DNS
    Event Category: None
    Event ID: 7500
    Date: 3/14/2006
    Time: 12:41:18 PM
    User: N/A
    Computer: MAD00SPI
    Description:
    The DNS server failed to process a packet from 130.47.240.15. The packet
    was discarded.

    Has anyone else seen this issue? Has anyone else done zone transfers with a
    BIND 9.2.3 server?

    Many thanks!
    CB
     
    clburke, Mar 14, 2006
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.