Please pardon my ignorance. I am trying to xshoot two issues.
1. I get this in my log when I make change to primary and bump the serial up. The primary does notify rollernet ns1 and ns2, but ns2 returns this in the rollernet logs for this domain
ns2.rollernet.us 2009-04-16 10:27:21 zone cadenceinc.com/IN: refresh: retry limit for master 216.12.9.166#53 exceeded (source 0.0.0.0#0)
Any suggestions?
2. I assume it is related, but when I do checks (dnsstuff.com), I get a report that says ns2.rollernet.us is not listed at parent name servers. Why is that?
Mike S
ns2 zone retry limit for mater exceeded?
Moderator: Moderators
-
- Site Admin
- Posts: 598
- Joined: Wed Nov 17, 2004 10:05 pm
- Location: Nevada
- Contact:
Re: ns2 zone retry limit for mater exceeded?
Odd, because we tried an AXFR by hand with "dig" and it worked. Perhaps BIND is confused. We'll look into it.schraudog wrote:Please pardon my ignorance. I am trying to xshoot two issues.
1. I get this in my log when I make change to primary and bump the serial up. The primary does notify rollernet ns1 and ns2, but ns2 returns this in the rollernet logs for this domain
ns2.rollernet.us 2009-04-16 10:27:21 zone cadenceinc.com/IN: refresh: retry limit for master 216.12.9.166#53 exceeded (source 0.0.0.0#0)
Any suggestions?
Is it the "glue" test? That's completely normal for out-of-zone name servers (.us versus .com). That test only passes if the server is in the same TLD as the domain. It's harmless.schraudog wrote:2. I assume it is related, but when I do checks (dnsstuff.com), I get a report that says ns2.rollernet.us is not listed at parent name servers. Why is that?
Technical Support support@rollernet.us
Roller Network LLC
Roller Network LLC
-
- Site Admin
- Posts: 598
- Joined: Wed Nov 17, 2004 10:05 pm
- Location: Nevada
- Contact:
We restarted BIND on ns2 (actually, it hung when we tried to stop it nicely and had to 'kill -9' it) and the transfer happened instantly when we requested a retransfer:
It could have been some kind of memory leak since it had been running for 332 days until we killed the process. The server is actually running the 'oldstable' version of Debian and is due for an upgrade to 'stable' which will bring BIND from 9.3.4-P1.1 to 9.5.1-P1. Please let us know if you notice any problems.
Code: Select all
Apr 16 11:44:09 ns2 named[15834]: zone cadenceinc.com/IN: transferred serial 2009041601
Technical Support support@rollernet.us
Roller Network LLC
Roller Network LLC
-
- Site Admin
- Posts: 598
- Joined: Wed Nov 17, 2004 10:05 pm
- Location: Nevada
- Contact:
Re: ns2 zone retry limit for mater exceeded?
Not the glue test. I ignore that one. It is the one that reads:RollerNetSupport wrote:Odd, because we tried an AXFR by hand with "dig" and it worked. Perhaps BIND is confused. We'll look into it.schraudog wrote:Please pardon my ignorance. I am trying to xshoot two issues.
1. I get this in my log when I make change to primary and bump the serial up. The primary does notify rollernet ns1 and ns2, but ns2 returns this in the rollernet logs for this domain
ns2.rollernet.us 2009-04-16 10:27:21 zone cadenceinc.com/IN: refresh: retry limit for master 216.12.9.166#53 exceeded (source 0.0.0.0#0)
Any suggestions?
Is it the "glue" test? That's completely normal for out-of-zone name servers (.us versus .com). That test only passes if the server is in the same TLD as the domain. It's harmless.schraudog wrote:2. I assume it is related, but when I do checks (dnsstuff.com), I get a report that says ns2.rollernet.us is not listed at parent name servers. Why is that?
"FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNSreport will not query these servers, so you need to be very careful that they are working properly.
ns2.rollernet.us.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example). "
Just checked and am still getting this error. Thanks so much for looking in to this and the other issue.
-
- Site Admin
- Posts: 598
- Joined: Wed Nov 17, 2004 10:05 pm
- Location: Nevada
- Contact:
Oh, that test. That means that there's a mismatch between what name servers are configured at the registrar and the servers listed in NS records in the zone itself. The registrar doesn't have "ns2.rollernet.us" listed:
Code: Select all
; <<>> DiG 9.5.1-P1 <<>> cadenceinc.com @j.gtld-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19243
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cadenceinc.com. IN A
;; AUTHORITY SECTION:
cadenceinc.com. 172800 IN NS ns1.bladeinfo.com.
cadenceinc.com. 172800 IN NS ns1.rollernet.us.
Technical Support support@rollernet.us
Roller Network LLC
Roller Network LLC