Hello Doc, Wanted to see if you were able to resolve your issue.
I have seen this issue occur in the past also. Jerry On 01/ 6/15 12:50 PM, The Doctor wrote:
Help needed. This morning my primary DNS server locked. No worries, the backup will kick in. Wrong !! The Secondary DNS server cannot resolve properly unless the 'real' primary is working. All right, why is the secondary server behaving this way? Satrt of secondary DNS server named.conf file //Use with the following in named.conf, adjusting the allow list as needed: key "rndc-key" { algorithm hmac-md5; secret "7ZbGK94NdSa2WACxx72W1w=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; // generated by named-bootconf.pl options { directory "/etc/namedb"; pid-file "/var/run/named.pid"; dump-file "/etc/namedb/named.core"; max-ncache-ttl 86400; recursive-clients 100; reserved-sockets 128; tcp-clients 40; tcp-listen-queue 14; zone-statistics yes; forwarders { 208.67.222.222; 208.67.220.220; }; blackhole { 65.94.172.87; 67.68.204.41; 74.15.184.13; 65.94.173.208; }; allow-transfer { 204.209.81.1; 204.209.81.8; 204.209.81.14; }; allow-notify { 204.209.81.1; 204.209.81.8; 204.209.81.14; }; also-notify { 204.209.81.1 port 53; 204.209.81.8 port 53; 204.209.81.14 port 53; }; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users