That gets me more information, and I think puts the problem onto
axfrdns. Thanks.
xfer-in: info: zone example.net/IN: Transfer started.
xfer-in: debug 1: zone example.net/IN: forced reload, requesting AXFR of
initial version from 198.51.100.1#53
xfer-in: info: transfer of 'example.net/IN' from 198.51.100.1#53:
connected using 198.51.100.1#53
xfer-in: debug 3: transfer of 'example.net/IN' from 198.51.100.1#53:
sent request data
xfer-in: debug 3: transfer of 'example.net/IN' from 198.51.100.1#53:
missing question section
xfer-in: error: transfer of 'example.net/IN' from 198.51.100.1#53:
failed while receiving responses: FORMERR
xfer-in: debug 1: zone example.net/IN: zone transfer finished: FORMERR
xfer-in: info: transfer of 'example.net/IN' from 198.51.100.1#53:
Transfer status: FORMERR
Looks like this isn't going to be solvable on my side.
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9.18.17/lib/dns/xfrin.c?ref_type=tags#L1657-1663
Packet capture confirms that we are indeed not getting a response with
the question section.
I'm running the same version of dig, on the same system. Interesting
that dig isn't as strict about this.
-- Ian
On 8/31/23 7:58 PM, Mark Andrews wrote:
Set debug level 3 on the xfrin channel. There are some debug level messages
that really should be set to error level in lib/dns/xfrin.c on FORMERR.
Also make sure you are running dig from the same version as later versions are
more strict in parsing responses from the wire.
On 1 Sep 2023, at 09:23, Ian Bobbitt wrote:
I have a system running BIND 9.18.17 that needs to transfer a zone from
djbdns/axfrdns. I receive FORMERRs, and haven't been able to get any log
messages indicating the problem.
xfer-in: info: zone example.net/IN: Transfer started.
xfer-in: info: transfer of 'example.net/IN' from 198.51.100.1#53: connected
using192.0.2.1 #53
xfer-in: error: transfer of 'example.net/IN' from 198.51.100.1#53: failed while
receiving responses: FORMERR
xfer-in: info: transfer of 'example.net/IN' from 198.51.100.1#53: Transfer
status: FORMERR
xfer-in: info: transfer of 'example.net/IN' from 198.51.100.1#53: Transfer
completed: 0 messages, 0 records, 0 bytes, 0.008 secs (0 bytes/sec) (serial 0)
This replaced a long obsolete system running 9.8.2 that was able to
successfully transfer the zone. I can also successfully transfer the zone with
`dig -t axfr ...` from the new system, which gives no errors. named-checkzone
on the resulting data also gives no errors, and BIND is able to successfully
load it as a primary.
How do I go about finding the cause of the FORMERR and resolve it?
-- Ian
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
