[Pdns-users] AXFR chunk with a non-zero rcode 9

Javier Ruiz jruiz at hospedajeydominios.com
Mon Apr 15 10:34:02 UTC 2013 

By the way, my bind and pdns versions:

# named -v
BIND 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6.3

# pdns_server --version
Version: 3.2, compiled on Jan 29 2013, 19:54:47 with gcc version 4.4.5

¿could it be related to any "missunderstanding" on AXFR updates between
these versions? shouldn't, but I'm starting to get out of ideas :-/




On 04/15/2013 12:30 PM, Javier Ruiz wrote:
> On 04/15/2013 12:12 PM, Peter van Dijk wrote:
>> Hello Javier,
>>
>> On Apr 15, 2013, at 11:45 , Javier Ruiz wrote:
>>
>>> I'm trying to debug this error when an AXFR update is received from a
>>> bind master. All other zones in the same master work properly but this
>>> one (just changed domain name and master ip):
>>>
>>> Apr 15 11:02:27 Initiating transfer of 'mydomain.com' from remote '0.0.0.0'
>>> Apr 15 11:02:27 No serial for 'mydomain.com' found - zone is missing?
>>> Apr 15 11:02:27 Unable to AXFR zone 'mydomain.com' from remote '0.0.0.0'
>>> (resolver): AXFR chunk with a non-zero rcode 9
>> rcode 9 means 'Not Authoritative' - although PowerDNS sometimes also sends it in 'access denied' situations.
>>
>> Please try, on your PowerDNS slave:
>> dig axfr mydomain.com @0.0.0.0
>> and see what happens.
>>
>> Also, please don't obfuscate your data like that. 0.0.0.0 looks like a misconfiguration, and we have no way to tell whether that really is the case, or whether you obfuscated in a way that makes it impossible to tell.
>>
>> Kind regards,
> Hi Peter,
>
> Thanks for your help.
> Yes, sorry, changing the ip to 0.0.0.0 can make it look like a config
> error, didn't realize. I tried dig in my pdns slave and this is what I
> got:  (46.29.50.50 is my pdns slave, 46.29.49.1 is my bind master)
>
> # dig axfr mydomain.com at 46.29.50.50
>
> ; <<>> DiG 9.7.3 <<>> axfr mydomain.com at 46.29.50.50
> ;; global options: +cmd
> ; Transfer failed.
> root at ns1:~# dig axfr mydomain.com at 46.29.50.50
>
> ; <<>> DiG 9.7.3 <<>> axfr mydomain.com at 46.29.50.50
> ;; global options: +cmd
> ; Transfer failed.
>
> I don't get any output in pdns logs... This is exactly what I get in
> pdsn log when I try to create and/or refresh the zone from master
> (46.29.49.1 is in my supermasters db and other zones from the same
> server work properly)
>
> Apr 15 12:23:28 Received NOTIFY for mydomain.com from 46.29.49.1 for
> which we are not authoritative
> Apr 15 12:23:28 Created new slave zone 'mydomain.com' from supermaster
> 46.29.49.1, queued axfr
> Apr 15 12:23:28 Initiating transfer of 'mydomain.com' from remote
> '46.29.49.1'
> Apr 15 12:23:28 No serial for 'mydomain.com' found - zone is missing?
> Apr 15 12:23:28 Unable to AXFR zone 'mydomain.com' from remote
> '46.29.49.1' (resolver): AXFR chunk with a non-zero rcode 9
>
> and once the zone is created by the first AXFR, I get this on every AXFR
> from master:
>
> Apr 15 12:25:50 Domain 'mydomain.com' is stale, master serial
> 2013041507, our serial 0
> Apr 15 12:25:50 Initiating transfer of 'mydomain.com' from remote
> '46.29.49.1'
> Apr 15 12:25:50 No serial for 'mydomain.com' found - zone is missing?
> Apr 15 12:25:50 Unable to AXFR zone 'mydomain.com' from remote
> '46.29.49.1' (resolver): AXFR chunk with a non-zero rcode 9
>
> Thanks again for the help.
> Regards,
>
> Javi Ruiz
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users

More information about the Pdns-users mailing list