problem zone transfer
Sam Trenholme
strenholme.usenet at gmail.com
Thu Sep 24 18:01:50 EDT 2009
To address the original poster, it works for me.
Using MaraDNS 1.3.14 (zoneserver, actually), and the following mararc file:
ipv4_bind_addresses = "127.0.0.1"
tcp_convert_server = "127.0.0.1"
tcp_convert_acl = "0.0.0.0/0"
chroot_dir = "/etc/maradns"
csv2 = {}
csv2["example.com."] = "db.example.com"
zone_transfer_acl = "127.0.0.1"
recursive_acl = "127.0.0.1,192.168.110.0/24"
hide_disclaimer = "YES"
chroot_dir = "/etc/maradns"
random_seed_file="/dev/urandom"
maxprocs = 70
no_fingerprint = 1
default_rrany_set = 3
max_chain = 8
max_ar_chain = 1
max_total = 20
verbose_level = 3
debug_msg_level = 0
dns_port = 53
maximum_cache_elements = 1024
min_ttl_cname = 900
min_ttl = 300
And the following db.example.com file:
example.com. +1 SOA z.%
y@% 1 1 1 1 1
example.com. +3600 NS ns1.example.net.
example.com. +3600 NS ns2.example.net.
example.com. +3600 NS ns3.example.net.
example.com. +3600 MX 10 mail.example.net.
example.com. +3600 MX 20 mail2.example.net.
example.com. TXT 'dns.'
example.com. +3600 A 10.1.2.3
www.example.com. +3600 A 10.1.2.4
xx.example.com. +3600 A 10.1.2.6
#*.example.com. +3600 A 10.1.2.5
I am able to use zoneserver to transfer a zone:
$ ./fetchzone example.com 127.0.0.1
example.com. +1 soa z.example.com. y@example.com. 1 1 1 1 1 ~
example.com. +3600 ns ns1.example.net. ~
example.com. +3600 ns ns2.example.net. ~
example.com. +3600 ns ns3.example.net. ~
example.com. +3600 mx 10 mail.example.net. ~
example.com. +3600 mx 20 mail2.example.net. ~
example.com. +86400 txt 'dns.' ~
example.com. +3600 a 10.1.2.3 ~
www.example.com. +3600 a 10.1.2.4 ~
xx.example.com. +3600 a 10.1.2.6 ~
# Second SOA received, exiting
So, the next questions are:
* Which DNS server are you trying to transfer to?
* Does this DNS server have an IP in zone_transfer_acl?
* Which version of MaraDNS are you running?
* Are you running both the 'maradns' and 'zoneserver' daemons?
> Is the zone transfer to a windows box (where windows is the client)?
> Because that doesn't work for me (using maradns stable - not sure about the
> development branch).
It could be a compatibility issue. It could also be a configuration
issue (are you running 'zoneserver'? Does this DNS server have an IP
in zone_transfer_acl?)
> I know that maradns uses an older format for its zone transfers (from a
> previous draft) which may be part of the problem.
We don't know what the problem is until we get more information.
DNS really hasn't changed since 2001 when I first wrote MaraDNS; don't
think DNS is like HTML+CSS or Javascript. Because it's not. It's
pretty static and they haven't really changed how Zone transfers are
done since Reagan was president of the US.
- Sam
Note: I do not answer MaraDNS support requests sent by private email
without being compensated for my time. I will discuss rates if you
want this kind of support. Thank you for your understanding.
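Added example, not part of the original message and not MaraDNS code: a small Python check for the question "does this DNS server have an IP in zone_transfer_acl?", which also lists any ACL open to every IPv4 address. It assumes ACL entries are literal IPs or IP/netmask pairs (no ip_aliases names); the function names and the 192.168.110.7 test address are made up for illustration.

```python
import ipaddress
import re

# Constructed sample: the ACL-related lines of the mararc quoted in the message.
SAMPLE_MARARC = '''
ipv4_bind_addresses = "127.0.0.1"
tcp_convert_server = "127.0.0.1"
tcp_convert_acl = "0.0.0.0/0"
csv2["example.com."] = "db.example.com"
zone_transfer_acl = "127.0.0.1"
recursive_acl = "127.0.0.1,192.168.110.0/24"
'''

# Matches plain name = "value" lines; dictionary lines such as csv2[...] do not match.
ASSIGN = re.compile(r'^\s*([a-z0-9_]+)\s*=\s*"([^"]*)"')

def parse_mararc(text):
    """Return {name: value}; this parser keeps the last value if a name repeats."""
    settings = {}
    for line in text.splitlines():
        m = ASSIGN.match(line.split("#", 1)[0])  # drop trailing comments
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def acl_networks(value):
    """Turn a comma-separated ACL into networks; a bare IP becomes a /32.
    Raises ValueError on anything that is not a literal address (assumption)."""
    return [ipaddress.ip_network(item.strip(), strict=False)
            for item in value.split(",") if item.strip()]

def check_client(settings, client_ip, acl="zone_transfer_acl"):
    """True if client_ip is covered by the named ACL; a missing ACL covers nothing."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in acl_networks(settings.get(acl, "")))

def open_acls(settings):
    """Names of *_acl settings that contain a prefix-length-0 entry."""
    return sorted(name for name, value in settings.items()
                  if name.endswith("_acl")
                  and any(net.prefixlen == 0 for net in acl_networks(value)))

if __name__ == "__main__":
    cfg = parse_mararc(SAMPLE_MARARC)
    for client in ("127.0.0.1", "192.168.110.7"):  # second address is hypothetical
        print(client, "may transfer zones:", check_client(cfg, client))
    print("ACLs open to every IPv4 address:", open_acls(cfg))
```

With the configuration above, only 127.0.0.1 passes the zone_transfer_acl check, so a secondary on any other address would need its IP added there before a transfer can succeed.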