Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th March 2009, 17:44
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default DNS zones not transfered to slave server anymore

I have a slave DNS server (BIND) which transfers zones from my ISPCONFIG3 server. Everything worked great until I updated to latest SVN, now the transfer of zones is refused:

53: failed while receiving responses: REFUSED


I checked all setting and logs...nothing....
Reply With Quote
Sponsored Links
  #2  
Old 5th March 2009, 20:48
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,736
Thanks: 840
Thanked 5,596 Times in 4,407 Posts
Default

There has nothing be changed in this part of ISPconfig 3 and I tested the zone transfers today, so there must have been something else updated or changed too.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 5th March 2009, 21:14
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default

Quote:
Originally Posted by till View Post
There has nothing be changed in this part of ISPconfig 3 and I tested the zone transfers today, so there must have been something else updated or changed too.
Tnx for your quick reply, good to know that it is not an ispconfig issue.

I have no idea what is causing this, no iptables rules, connectivity is fine, mydns.conf did not change, I google and googled nothing, did a trace to mydns....

Any ideas?
Reply With Quote
  #4  
Old 5th March 2009, 21:23
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,736
Thanks: 840
Thanked 5,596 Times in 4,407 Posts
Default

Is the ip address for the xfer destination correct?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 5th March 2009, 21:47
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default

I think I know where the problem is, such a stupid thing...somehow BIND got installed and run on the same server where mydns is running....dammit this is a mystery

I stopped the BIND service, restarted mydns and still I have the same problem.
Reply With Quote
  #6  
Old 5th March 2009, 22:25
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default

I run mydns with verbose option

# mydns -d -v

this is what I get:

Code:
mydns[9564]: 05-Mar-2009 20:23:19+626218 #0 60278 UDP MY_IP IN SOA domain.com. NOERROR - 1 1 2 0 LOG N QUERY ""
mydns[9566]: 05-Mar-2009 20:23:19+630278 #1 15965 TCP MY_IP IN AXFR domain.com. REFUSED AXFR_disabled 0 0 0 0 LOG N QUERY ""
mydns.conf


Quote:
## AUTOMATICALLY GENERATED BY DEBCONF. DO NOT MODIFY DATABASE
## INFORMATION (database, db-*)...
## PLEASE RUN 'dpkg-reconfigure mydns-mysql' INSTEAD.
## CHANGES TO THE FOLLOWING DIRECTIVES ARE NOT PRESERVED, BUT REPLACED,
## ON UPGRADE:
## user, group, pidfile, db-*, database

##
## /etc/mydns.conf
## Thu Aug 2 16:36:26 2007
## For more information, see mydns.conf(5).
##


# DATABASE INFORMATION

db-host = localhost # SQL server hostname
db-user = ispconfig # SQL server username
db-password = 1111111111 # SQL server password
database = dbispconfig # MyDNS database name


# GENERAL OPTIONS

user = nobody # Run with the permissions of this user
group = nogroup # Run with the permissions of this group
listen = * # Listen on these addresses ('*' for all)
no-listen = # Do not listen on these addresses


# CACHE OPTIONS

zone-cache-size = 2048 # Maximum number of elements stored in the zone cache
zone-cache-expire = 60 # Number of seconds after which cached zones expires
reply-cache-size = 2048 # Maximum number of elements stored in the reply cache
reply-cache-expire = 30 # Number of seconds after which cached replies expire


# ESOTERICA

log = LOG_DAEMON # Facility to use for program output (LOG_*/stdout/stderr)
pidfile = /var/run/mydns.pid # Path to PID file
timeout = 120 # Number of seconds after which queries time out
multicpu = 1 # Number of CPUs installed on your system
recursive = # Location of recursive resolver
allow-axfr = yes # Should AXFR be enabled?
allow-tcp = yes # Should TCP be enabled?
allow-update = no # Should DNS UPDATE be enabled?
ignore-minimum = no # Ignore minimum TTL for zone?
soa-table = dns_soa # Name of table containing SOA records
rr-table = dns_rr # Name of table containing RR data
soa-where = server_id = 1 # Extra WHERE clause for SOA queries
rr-where = server_id = 1 # Extra WHERE clause for RR queries
use-soa-active = yes # To fix bug 295 where active or inactive status is ignored.
use-rr-active = yes# To fix bug 295 where active or inactive status is ignored.

from the mydns manual

Quote:
REFUSED
The query was refused due to server policy. This usually happens because
the client attempted to AXFR a zone that they were not allowed to transfer,
or because the client requested a name within a zone for which the server
is not authoritative.
11. If the previous field was anything but NOERROR, this is a human-readable reason why
the query failed, with any space characters in the string converted into underscore (‘_’)
characters. If the previous field was NOERROR, this field contains a dash (‘-’).
12. The number of resource records included in the question section of the reply.
13. The number of resource records included in the answer section of the reply.
14. The number of resource records included in the authority section of the reply.
15. The number of resource records included in the additional section of the reply.
16. The word LOG.
17. The character ‘Y’ if this was a cached reply, ‘N’ if it was not.
18. The opcode for this query – ‘QUERY’ or ‘UPDATE’.
19. If the previous field was ‘UPDATE’, this is a description of the update performed, enclosed
in quotation marks. For example, this field might contain ‘"test-a.example.com.
3600 IN A 0 1.2.3.4"’, indicating that for the zone specified, an A record was created
for test-a.example.com. with the value 1.2.3.4.

Last edited by grungy; 5th March 2009 at 23:42.
Reply With Quote
  #7  
Old 7th March 2009, 10:43
Antennipasi Antennipasi is offline
ISPConfig Developer
 
Join Date: Dec 2008
Location: Finland
Posts: 67
Thanks: 6
Thanked 13 Times in 12 Posts
Default

Quote:
Originally Posted by grungy View Post
I have a slave DNS server (BIND) which transfers zones from my ISPCONFIG3 server.
try to disable incremental transfers from slave. modify slave-BIND's configuration to ask always full zone from Ispconfig:

Code:
server IP_MASTER_DNS {
        provide-ixfr no ;
        request-ixfr no ;
};
this is how i got my BIND's to act as a slave to Ispconfig while transition to mydns replication.
Reply With Quote
  #8  
Old 7th March 2009, 11:53
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default

Antennipasi, tnx for your reply but this didn't help

Do you have any other ideas?
Reply With Quote
  #9  
Old 7th March 2009, 12:23
grungy grungy is offline
Senior Member
 
Join Date: Dec 2008
Posts: 166
Thanks: 14
Thanked 17 Times in 12 Posts
Default

What about http://sourceforge.net/projects/mydns-ng

Did anyone try this out?

p.s. mydns-ng development is really active - svn log -v https://mydns-ng.svn.sourceforge.net/svnroot/mydns-ng > changelog

Last edited by grungy; 7th March 2009 at 12:37.
Reply With Quote
  #10  
Old 16th November 2009, 20:11
normc normc is offline
Junior Member
 
Join Date: Nov 2009
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Will this fix be included in upcoming releases of ISPConfig?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MyDNS as slave DNS server? lano General 6 10th September 2009 08:08
offsite DNS (master and slave) solution jorizzzz Tips/Tricks/Mods 1 9th March 2009 17:04
Slave dns problem blackmask Installation/Configuration 1 3rd October 2007 14:51
SuSE as master DNS server and Centos as slave DNS server... sthompson Server Operation 3 17th September 2006 14:24
Webmail Relay Error palkat General 17 23rd April 2006 19:12


All times are GMT +2. The time now is 21:15.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.