You can also try pdnssec check-zone zonename to find out why it's broken. It works even if you aren't using dnssec.
Aki On Sun, Nov 22, 2015 at 11:37:25AM +0100, l...@consolejunkie.net wrote: > Hi a b, > > Based on your queries below, you seem to not be using the default > table schema and queries: > > https://doc.powerdns.com/md/authoritative/backend-generic-mypgsql/#regular-queries > > Can you post your query configuration and schema ? > > Seems to me it might be related to that. > > Have a good day, > Leen. > > On 2015-11-22 11:26, a b wrote: > >I added two A records, as follows: > > > >SQL> insert into records(id, zone_id, fqdn, content, type) values(16, > >(select id from zones where name = 'dmz'), 'ntp.dmz', '172.16.2.2', > >'A'); > > > >1 row created. > > > >SQL> insert into records(id, zone_id, fqdn, content, type) values(66, > >(select id from zones where name = 'dmz'), 'ntp.dmz', '172.16.2.3', > >'A'); > > > >1 row created. > > > >SQL> update zones set serial = 2015112208 where name = 'dmz'; > > > >1 row updated. > > > >SQL> commit; > > > >Commit complete. > > > >As soon as I do that, AXFR no longer works: > > > >Nov 22 11:12:45 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.error] 1 domain for which we are master needs notifications > >Nov 22 11:12:55 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.warning] Queued notification of domain 'dmz' to 172.16.2.5:53 > >Nov 22 11:12:56 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.error] AXFR of domain 'dmz' initiated by 172.16.2.5 > >Nov 22 11:12:56 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.error] TCP server is without backend connections in doAXFR, > >launching > >Nov 22 11:12:56 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.warning] Removed from notification list: 'dmz' to > >172.16.2.5:53 > >(was acknowledged) > >Nov 22 11:12:56 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.warning] AXFR of domain 'dmz' allowed: client IP 172.16.2.5 is > >in per-domain ACL > >Nov 22 11:12:56 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.error] TCP Connection Thread unable to answer a question > >because of a backend error, cycling > >Nov 22 11:12:58 supermaster.domain.tld pdns[4849]: [ID 702911 > >local0.warning] No master domains need notifications > > > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.warning] 1 slave domain needs checking, 0 queued for AXFR > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.warning] Received serial number updates for 1 zones, had 0 > >timeouts > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.warning] Domain 'dmz' is stale, master serial 2015112209, our > >serial 0 > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.error] Initiating transfer of 'dmz' from remote '172.16.2.4' > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.error] AXFR started for 'dmz' > >Nov 22 11:12:56 superslave.domain.tld pdns[3656]: [ID 702911 > >local0.error] Unable to AXFR zone 'dmz' from remote '172.16.2.4' > >(resolver): Remote nameserver closed TCP connection > > > >...what do the errors "TCP Connection Thread unable to answer a > >question because of a backend error, cycling", > >and > >"Unable to AXFR zone 'dmz' from remote '172.16.2.4' (resolver): > >Remote nameserver closed TCP connection" > >mean? > > > >If I am doing something wrong, what is it? > > > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > http://mailman.powerdns.com/mailman/listinfo/pdns-users > _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users