Using PowerDNS, we got into an issue with transferring a single domain object (/24) from our primary to our secondary DNS server.
This /24 is part of a larger RIPE block, /22, and is not automatically transferred. The remaining /24 domain objects transfer just fine.
As you can see from below emitted output, the axfr transfer from ns0 to ns1 stops halfway.
beelze@ns1 ~]$ dig @ns0.x.x.x.x -t axfr x.x.x.in-addr.arpa
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @ns0.comsave.nl -t axfr
x.x.x.in-addr.arpa
; (1 server found)
;; global options: +cmd
x.x.x.in-addr.arpa. 604800 IN SOA ns0.x.x.x.nl.
servicedesk.company.nl. 2019012815 10800 1800 1209600 10800
0.x.x.x.in-addr.arpa. 604800 IN PTR no-reverse-yet.company.nl.
1.x.x.x.in-addr.arpa. 604800 IN PTR no-reverse-yet.company.nl.
10.x.x.x.in-addr.arpa. 604800 IN PTR no-reverse-yet.company.nl.
[...]
188.x.x.x.in-addr.arpa. 604800 IN PTR no-reverse-yet.company.nl.
;; communications error to x.x.x.x#53: end of file
A tcpdump on ns0 doesn't show much that helps troubleshooting?
13:56:45.927143 00:0c:29:16:2f:8e > 00:00:5e:00:01:03, ethertype IPv4 (0x0800),
length 1954: (tos 0x0, ttl 64, id 28824, offset 0, flags [DF], proto TCP (6),
length 1940) 185.52.208.19.53 > 185.52.208.27.59863: Flags [P.], cksum 0x1a1f
(incorrect -> 0xf316), seq 2936827176:2936829064, ack 487100677, win 227, options
[nop,nop,TS val 582294609 ecr 974940634], length 188828565*- q: AXFR?
x.x.x.in-addr.arpa. 100/0/1 0.x.x.x.in-addr.arpa. [1w] PTR no-reverse-yet.company.nl.,
1.x.x.x.in-addr.arpa. [1w] PTR no-reverse-yet.company.nl.,
10.x.x.x.in-addr.arpa. [1w] PTR no-reverse-yet.company.nl.,
[...]
188.x.x.x.in-addr.arpa. [1w] PTR no-reverse-yet.company.nl. ar: . OPT UDPsize=1680 (1886)
0 Answers