In message , "Chri
s Henderson" writes:
> On Mon, Oct 13, 2008 at 9:27 AM, Chris Henderson wrote
> :
> > On Fri, Oct 10, 2008 at 6:21 PM, Matus UHLAR - fantomas
> > wrote:
> >> log on the slave and query the master. tcpdump the communication on the
> >> master too. Check both TCP and UDP communication.

> >
> > here's what I am getting from sniffing both the slave and master at
> > the same time:
> >
> > from the slave I can see:
> >
> > slave -> master DNS C port=55480
> > slave -> master DNS C port=55480
> > slave -> master DNS C port=55480
> > slave -> master DNS C port=55480
> > slave -> master DNS C port=55480
> > slave -> master DNS C port=55480
> >
> > from the master I can see:
> >
> > slave -> master DNS C domain.com. Internet SOA ?
> > master -> slave DNS R domain.com. Internet SOA
> > slave -> master DNS C port=55571
> > slave -> master DNS C port=55571
> > slave -> master DNS C port=55571
> > slave -> master DNS C port=55571
> > slave -> master DNS C port=55571
> >
> > And in the slave's log I can that "timed-out" error.
> >
> > I don't have any firewall. Besides, I can ping, traceroute, ssh to and
> > from the master and slave without a problem.
> >
> > Thanks for any further help.
> >

>
> Further to my previous mail, I have another zone file from the same
> master server (called "203.10.21") - which is coming fine as zone
> transfer to the same slave. But my "domain.com" zone transfer is
> timing out. The size of the "domain.com" file is much smaller than the
> "203.10.21" zone file. The zone transfer stopped after I added a
> $origin RR to the master server's doamin.com file - which was a wrong
> entry and I reverted the change back and ran named-checkzone on
> domain.com which looks good.
>
> I'm running out of options here. The only thing I can think of is:
> delete "domain.com" file from the master, restore from backup the last
> known good file and see if zone transfer happens.
>
> Anyone has any other ideas? Bind is not really telling me why it's
> timing out while doing the zone transfer for "domain.com" and not for
> "203.10.21".


Presuming the master and slave are reachable from the
Internet you might try giving us the full details rather
than trying to hide everything.

By full details I mean the IP address, zone name, the
relevent bits of named.conf on both master and slave
unchanged. Also include the working zone's details.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org