On 19/12/13 18:37, Timothe Litt wrote: > I doubt you'll get help without providing configuration data for > master > and slaves and exact log and error messages. > > But I'll take one blind guess. DNSSEC validation enabled and your > in-addr.arpa zones are not delegated and not in DLV? >
DNSSEC is not currently used on these servers. The following is logged on the slave: Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: connected using 192.168.5.2#47108 Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: failed while receiving responses: SERVFAIL Dec 19 17:51:48 server2 named[7866]: transfer of '5.168.192.in-addr.arpa/IN' from 192.168.5.1#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec) Dig returns the following: [root@server2 ~]# dig @192.168.5.1 5.168.192.in-addr.arpa AXFR ; <<>> DiG 9.9.4-P1 <<>> @192.168.5.1 5.168.192.in-addr.arpa AXFR ; (1 server found) ;; global options: +cmd ; Transfer failed. There are no errors reported on the master server. Master - named.conf include "/etc/named.conf.local"; options { directory "/var/named"; pid-file "/var/run/named/named.pid"; }; zone "." { type hint; file "/etc/db.cache"; }; key rndc-key { algorithm hmac-md5; secret "XXX"; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; }; }; Configuration of the problem reverse zone: zone "5.168.192.in-addr.arpa" { type master; file "/var/named/5.168.192.in-addr.arpa.hosts"; allow-transfer { 192.168.5.2; }; allow-update { key rndc-key; }; }; Slave Zone Configuration: zone "5.168.192.in-addr.arpa" { type slave; masters { 192.168.5.1; }; file "/var/named/slaves/192.168.5.rev"; }; _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users