[Pdns-users] Need help re: Remote tried to sneak in out-of-zone data ''|SOA during AXFR of zone

Peter van Dijk peter.van.dijk at netherlabs.nl
Tue Feb 18 15:48:15 UTC 2014


Hello Chris,

On 18 Feb 2014, at 16:40 , Chris Moody <chris at node-nine.com> wrote:
> First off - been a powerdns user & advocate for several years now - LOVE IT!!!  

Happy to hear that! :)

> This appears to be working in that I'm seeing the logs indicating "1 slave domain needs checking".  Trouble I'm running into though is that the logs also are stating the following error:
> =====
> Remote 206.71.169.116 tried to sneak in out-of-zone data ''|SOA during AXFR of zone 'node-nine.com', ignoring
> =====
> 
> Because of this the zone-transfer never completes.
> 
> I've nuked and re-added the SOA record on my master according to the syntax I've always used (and what's documented here) but still, this error persists.
> 
> ex>
> =====
> mysql> SELECT * FROM records WHERE name LIKE '%node-nine%' AND type = 'SOA';
> +-------+-----------+---------------+------+-------+------+---------------------------------------------------------------------+-----------+------+----------+
> | id    | domain_id | name          | type | ttl   | prio | content                                                             | ordername | auth | disabled |
> +-------+-----------+---------------+------+-------+------+---------------------------------------------------------------------+-----------+------+----------+
> | 35272 |       457 | node-nine.com | SOA  | 86400 | NULL | ns1.node-nine.com postmaster at node-nine.com 0 10800 3600 604800 3600 | NULL      | NULL |     NULL |
> +-------+-----------+---------------+------+-------+------+---------------------------------------------------------------------+-----------+------+----------+
> 1 row in set (0.00 sec)
> =====
> 
> A lookup of the SOA record on the master works great, so I'm not sure what exactly the slave is complaining about.
> 
> Any help, pointers, clue-bat, etc are greatly appreciated.

Please try SELECT * FROM records WHERE domain_id=457 AND type=‘SOA’; I suspect you will find an entry with ‘’ as name.

pdnssec check-zone node-nine.com may also be informative.

Kind regards,
-- 
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140218/08fd72cc/attachment-0001.sig>


More information about the Pdns-users mailing list