Hi,

It seems that MyDNS can't transfer the IP to my slave dns server.

I put the IP in the correct field in ispconfig panel :

Allow zone transfers to
these IPs (comma separated list) : XX.XX.XX.XXX

in mydns.conf :

allow-axfr = yes # Should AXFR be enabled?
allow-tcp = yes # Should TCP be enabled?

Result :

; <<>> DiG 9.5.1-P3 <<>> domain.tld @myserver.com AXFR
;; global options: printcmd
; Transfer failed.

I use the last version of Ispconfig. So I presume this thread is solved http://www.howtoforge.com/forums/archive/index.php/t-34373.html

Your presumption is incorrect. I just checked all of the files and the problem is still there. This post has the solution -
http://www.howtoforge.com/forums/showpost.php?p=184308&postcount=15

The developers definitely need to get this fixed.

Thanks !

But lol ? That's means, right now, nobody can't use a DNS slave server. And no one cares about? :confused:

Apprently the bug is only from MyDNS and not ispconfig... see the thread you posted me.

Well, I fixed the bug, the domain is now active but I got the same result :

; <<>> DiG 9.5.1-P3 <<>> domain.tld @myserver.com AXFR
;; global options: printcmd
; Transfer failed.

Anything in the log files?

But lol ? That's means, right now, nobody can't use a DNS slave server.

mydns servers do not use axfr for synching with ecah other, for mydns you use e.g. mysql replication. It just means that you can not use bind as slave. But as far as I know, the problem in the mydns code was fixed some time ago, maybe they introduced the problem again in theyr code.

Which log file I have to look into?

What do you mean by "you can not use bind as slave."
If BIND is installed on the slave it cannot works ?

See mydns manual:

http://mydns.bboy.net/doc/html/mydns_22.html


If BIND is installed on the slave it cannot works ?

I have not said that. I explained the bug and why your conclusion was wrong.

If I stop the daemon :

Oct 29 08:57:24 ksxxx mydns[30351]: terminé
Oct 29 08:57:24 ksxxxmydns[30351]: ksxxx.domain.tld disponible 2m42s (162s) 35 requêtes (0/s) NOERROR=22 SERVFAIL=0 NXDOMAIN=0 NOTIMP=0 REFUSED=2 (31% TCP, 11 queries)
Oct 29 08:57:24 kksxxx mydns[30350]: Server pid 30351 died
Oct 29 08:57:24 ksxxx mydns[30700]: purge_bad_task() bad task 0.0.0.0: 000 (4) NEED_TASK_READ, High Priority IO Driven Task => 2
Oct 29 08:57:24 ksxxxmydns[30700]: purge_bad_task() bad task 0.0.0.0: 000 (5) NEED_TASK_READ, High Priority IO Driven Task => 4
Oct 29 08:57:24 ksxxx mydns[30700]: purge_bad_task() bad task 0.0.0.0: 000 (6) NEED_TASK_READ, High Priority IO Driven Task => 6
Oct 29 08:57:24ksxxx mydns[30700]: purge_bad_task() bad task 0.0.0.0: 000 (7) NEED_TASK_READ, High Priority IO Driven Task => 8
Oct 29 08:57:24 ksxxx mydns[30700]: purge_bad_task() bad task ::: 000 (8) NEED_TASK_READ, High Priority IO Driven Task => 10
Oct 29 08:57:24 ksxxx mydns[30700]: accept_tcp_query: accept failed on fd 3 proto IPV4: Mauvais descripteur de fichier
Oct 29 08:57:24 ksxxx mydns[30700]: accept_tcp_query: accept failed on fd 5 proto IPV4: Mauvais descripteur de fichier
Oct 29 08:57:24 ksxxx mydns[30700]: accept_tcp_query: accept failed on fd 7 proto IPV4: Mauvais descripteur de fichier
Oct 29 08:57:24 ksxxx mydns[30700]: accept_tcp_query: accept failed on fd 9 proto IPV4: Mauvais descripteur de fichier
Oct 29 08:57:24 ksxxx mydns[30700]: accept_tcp_query: accept failed on fd 11 proto IPV6: Mauvais descripteur de fichier
Oct 29 08:57:24 ksxxx mydns[30350]: terminé
Oct 29 08:57:24 ksxxx mydns[30350]: ksxxx.domain.tld disponible 2m42s (162s) 4 requêtes (0/s) NOERROR=3 SERVFAIL=0 NXDOMAIN=0 NOTIMP=0 REFUSED=0
Oct 29 08:57:24 ksxxx mydns[30700]: terminé
Oct 29 08:57:24 ksxxx mydns[30700]: ksxxx.domain.tld disponible 2m42s (162s) 14 requêtes (0/s) NOERROR=13 SERVFAIL=0 NXDOMAIN=0 NOTIMP=0 REFUSED=0 (35% TCP, 5 queries)

If I start :

Oct 29 08:57:46 ksxxx mydns[30706]: mydns 1.2.8.25 started Thu Oct 29 08:57:46 2009 (listening on 5 addresses)

If I Do a DIG. I got nothing.

Maybe I should install MyDNS-ng 1.2.8.27?

If you did not see anything, then the axfr request most likely did not got trough to your server. Please try:

dig @localhost AXFR yourdomain.tld

And which mydns-ng version do you use at the moment?

I got the same error.

Regarding to the log it's mydns 1.2.8.25
not NG version

Thn you should update to the latest mydns-ng version.

That's what I just did, but I still got the same error with the DIG AXFR... ? :(

wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.27.tar.gz
tar xvfz mydns-1.2.8.27.tar.gz
cd mydns-1.2.8
./configure
make
make install

Anything in the log? Have you checked the mydns.conf file, it might have been overwritten by the installation.

the DIG command should output someting in the log ?

When I start the daemon the new version is mentioned. So I think it's good for the version.
The config file has not been overwritten.

I stopped mydns and run it with -d -v

mydns[8002]: AXFR is enabled
mydns[8002]: TCP ports are enabled
mydns[8002]: DNS UPDATE is not enabled
mydns[8002]: DNS NOTIFY is not enabled
mydns[8002]: DNS IXFR is not enabled
mydns[8002]: optional 'xfer' column found in 'dns_soa' table
mydns[8002]: mydns 1.2.8.27 started Thu Oct 29 09:31:53 2009 (listening on 5 addresses)
mydns[8003]: 29-oct-2009 09:31:58+383495 #12 54889 UDP 213.186.33.199 IN SOA domain.tld. NOERROR - 1 1 2 2 LOG N QUERY ""
mydns[8003]: 29-oct-2009 09:31:58+396836 #13 4392 TCP 213.186.33.199 IN IXFR domain.tld. REFUSED IXFR_not_enabled 1 0 0 0 LOG N QUERY ""
mydns[8003]: 29-oct-2009 09:32:31+021607 #14 37677 UDP 213.186.33.199 IN SOA domain2.tld. REFUSED zone introuvable 1 0 0 0 LOG N QUERY ""
mydns[8003]: 29-oct-2009 09:32:31+034769 #15 48135 TCP 213.186.33.199 IN IXFR domain2.tld. REFUSED IXFR_not_enabled 1 0 0 0 LOG N QUERY ""
mydns[8003]: 29-oct-2009 09:32:35+727410 #16 38423 UDP 80.12.255.10 IN A www.domain3.tld. NOERROR - 1 1 2 2 LOG N QUERY ""
mydns[8003]: 29-oct-2009 09:32:53+727692 #17 0 UDP Address unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[8002]: 29-oct-2009 09:32:53+727938 #1 0 UDP Address unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""

Maybe something interesting?

Now I see the log for : dig domain.tld @myserver.tld AXFR



mydns[10515]: 29-oct-2009 10:01:56+164202 #1 0 UDP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164609 #2 0 UDP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164680 #3 0 UDP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164749 #4 0 UDP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164811 #5 0 UDP :: 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164868 #6 0 TCP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+164943 #7 0 TCP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+165005 #8 0 TCP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+165062 #9 0 TCP 0.0.0.0 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+165120 #10 0 TCP :: 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+165179 #11 0 UDP Address unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+165295 #0 0 UNKNOWN Address unknown 000 000 NOERROR - 0 0 0 0 LOG N QUERY ""
mydns[8003]: 29-oct-2009 10:01:56+165398 #199 31292 TCP 91.1xxx.1xx.1x7 IN AXFR domain.tld. NOERROR - 1 0 0 0 LOG N QUERY ""
mydns[10515]: 29-oct-2009 10:01:56+166882 #199 31292 TCP 91.xxx1.1xxx2.1xx7 IN AXFR domain.tld. REFUSED AXFR_disabled 0 0 0 0 LOG N QUERY ""


The question is : why I have "REFUSED AXFR_disabled" and in mydns.conf it's allow-axfr = yes ?

What does your table dns_soa table entry look like for domain.tld?

What do you want to see ? I can't past like that...

xfer = I.P DNS Slave
active = Y (I use Mydns-NG)
serial = 2009102902

That looks right... and you're running dig from the slave, correct? Does myDNS-ng work fine for everything except the transfer? i.e. regular dig queries

wops, no i'm runing DIG from the master. I don't have access from the slave...

Make sure you have localhost in the list of IPs allowed to transfer when you're testing, it doesn't seem to trust itself by default :)

I put 127.0.0.1 (plus the ip of the DNS slave seperated by a comma)

dig @localhost AXFR titi.me

the AXFR is good

;; Query time: 326 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 29 16:33:08 2009
;; XFR size: 24 records (messages 24, bytes 1242


But still not to my DNS slave...

^ That means that your AXFR functionality works as it should on your ISPconfig machine.

So it should work fine to your slave, assuming you have that IP in the proper field and your firewall rules are good.

So the problem is only due to the DNS slave server ? I'm trying to resolve that with my host but sounds like they don't see the problem...

Do you have a remote machine you can run a test AXFR using dig from? That would test your whole setup, and if that's successful, then yes, it's something on their end.

Hum no I don't.... :rolleyes:
If you have one I can allow you ;)

Sure, I can. I PM'ed you my IP.