[Dnsmasq-discuss] Zone transfer fails without any error

Simon Kelley simon at thekelleys.org.uk
Fri Aug 3 12:59:34 BST 2018


On 02/08/18 22:15, Wojtek Swiatek wrote:
> Hello everyone
> 
> I wanted to set up another DNS server (unfortunately bind as, again
> unfortunately, dnsmasq does not support being a secondary server).
> 
> The zone transfer is initiated from the secondary but I see (on that
> secondary):
> 
> 02-Aug-2018 23:05:33.160 zone swtk.info/IN <http://swtk.info/IN>:
> refresh: unexpected rcode (SERVFAIL) from master 192.168.0.10#53 (source
> 0.0.0.0#0)
> 02-Aug-2018 23:06:52.662 zone swtk.info/IN <http://swtk.info/IN>:
> refresh: retry limit for master 192.168.0.10#53 exceeded (source 0.0.0.0#0)
> 02-Aug-2018 23:06:52.663 zone swtk.info/IN <http://swtk.info/IN>:
> Transfer started.
> 02-Aug-2018 23:06:52.664 transfer of 'swtk.info/IN
> <http://swtk.info/IN>' from 192.168.0.10#53: connected using
> 192.168.0.13#40223
> 02-Aug-2018 23:06:52.665 transfer of 'swtk.info/IN
> <http://swtk.info/IN>' from 192.168.0.10#53: failed while receiving
> responses: SERVFAIL
> 02-Aug-2018 23:06:52.666 transfer of 'swtk.info/IN
> <http://swtk.info/IN>' from 192.168.0.10#53: Transfer status: SERVFAIL
> 02-Aug-2018 23:06:52.666 transfer of 'swtk.info/IN
> <http://swtk.info/IN>' from 192.168.0.10#53: Transfer completed: 0
> messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)
> 02-Aug-2018 23:08:07.161 zone swtk.info/IN <http://swtk.info/IN>:
> refresh: unexpected rcode (SERVFAIL) from master 192.168.0.10#53 (source
> 0.0.0.0#0)
> 
> 
> On dnsmasq's host, when running dnsmasq with "-d -q --log-queries=extra"
> , I just see
> 
> dnsmasq: 32 192.168.0.13/34310 <http://192.168.0.13/34310> query[SOA]
> swtk.info <http://swtk.info> from 192.168.0.13
> dnsmasq: 33 192.168.0.13/54967 <http://192.168.0.13/54967> query[SOA]
> swtk.info <http://swtk.info> from 192.168.0.13
> dnsmasq: 34 10.100.10.30/60009 <http://10.100.10.30/60009> query[A]
> www.google.com <http://www.google.com> from 10.100.10.30
> dnsmasq: 34 10.100.10.30/60009 <http://10.100.10.30/60009> cached
> www.google.com <http://www.google.com> is 216.58.206.228
> 
> Is there a better indication where the problem may be located? All
> traffic between the bind and dnsmasq host is open (both ways) and a dig
> @192.168.0.10 <http://192.168.0.10> is successful (this is the IP of the
> dnsmasq host, the same which is used in the bind transfer configuration
> file)
> 

What's the result of doing

dig @192.168.0.10 SOA swtk.info


It looks like that could be what's failing, rather than the actual zone
transfer.

Simon.




More information about the Dnsmasq-discuss mailing list