Zone Transfer with Secondary DNS error

Guest
Archived from groups: microsoft.public.win2000.dns

For our domain, we are set up as the primary DNS server
and our ISP is set up as the secondary DNS server. Our
server is running Windows 2000 SP4 and is running DNS in
standard primary mode. When we write a change to the DNS
it is set up to automatically notify the secondary server
at the ISP. When the ISP connects for a zone transfer,
the log file shows that it was unsuccessful. The error is
below. It reports a bogus packet, and the connection is
refused. The secondary server is running BIND 8.2.2. Any
insight and help would be appreciated.

--------------------------------------------

The DNS server wrote version 2004093001 of zone
thespring.org to file thespring.org.dns.
Snd 207.22.166.2 0000 N [0024 A NOERROR] (9)my-domain(3)org(0)
UDP question info at 0047E41C
Socket = 380
Remote addr 207.22.166.2, port 53
Time Query=0, Queued=0, Expire=0
Buf length = 0x0200 (512)
Msg length = 0x005b (91)
Message:
XID 0x0000
Flags 0x2400
QR 0 (question)
OPCODE 4 (NOTIFY)
AA 1
TC 0
RD 0
RA 0
Z 0
RCODE 0 (NOERROR)
QCOUNT 0x1
ACOUNT 0x1
NSCOUNT 0x0
ARCOUNT 0x0
Offset = 0x000c, RR count = 0
Name "(9)my-domain(3)org(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
Offset = 0x001f, RR count = 0
Name "[C00C](9)my-domain(3)org(0)"
TYPE SOA (6)
CLASS 1
TTL 38400
DLEN 48
DATA
PrimaryServer: (2)ns(9)my-domain(3)org(0)
Administrator: (7)it-dept[C02E](9)my-domain(3)org(0)
SerialNo = 2004093001
Refresh = 3600
Retry = 1800
Expire = 1296000
MinimumTTL = 38400
AUTHORITY SECTION:
ADDITIONAL SECTION:

Rcv 207.22.166.2 0000 R N [85a0 R REFUSED] (9)my-domain(3)org(0)
UDP response info at 0047D09C
Socket = 380
Remote addr 207.22.166.2, port 53
Time Query=86017, Queued=0, Expire=0
Buf length = 0x0200 (512)
Msg length = 0x001f (31)
Message:
XID 0x0000
Flags 0xa085
QR 1 (response)
OPCODE 4 (NOTIFY)
AA 0
TC 0
RD 0
RA 1
Z 0
RCODE 5 (REFUSED)
QCOUNT 0x1
ACOUNT 0x1
NSCOUNT 0x0
ARCOUNT 0x0
Offset = 0x000c, RR count = 0
Name "(9)my-domain(3)org(0)"
QTYPE SOA (6)
QCLASS 1
ANSWER SECTION:
ERROR: BOGUS PACKET:
Following RR (offset 31) past packet length (31).
pchRecord = 0047D427, pCurrent = 00000000, -4707367 bytes
 
Guest

Hi,

Have you allowed your ISP's DNS server for zone transfers? Also, is your
primary DNS server behind a firewall? We had the same problem and it was the
firewall blocking ports.

/o


"Adrian McCray" <anonymous@discussions.microsoft.com> wrote in message
news:466a01c4a6fe$72bed6f0$a501280a@phx.gbl...
> For our domain, we are set up as the primary DNS server
> and our ISP is set up as the secondary DNS server. Our
> server is running Windows 2000 SP4 and is running DNS in
> standard primary mode. When we write a change to the DNS
> it is set up to automatically notify the secondary server
> at the ISP. When the ISP connects for a zone transfer,
> the log file shows that it was unsuccessful. The error is
> below. It reports a bogus packet, and the connection is
> refused. The secondary server is running BIND 8.2.2. Any
> insight and help would be appreciated.
 
Guest

Yes, we do allow our ISP to perform Zone Transfers (as
specified on the Zone Transfers tab of the Zone). It is
behind a firewall; however, we do have a tunnel for ports
UDP 53 and TCP 53. I'm just curious why, in the error
portion, it says that it received a BOGUS PACKET.

Thanks for your response.
>-----Original Message-----
>Hi,
>
>Have you allowed your ISP's DNS server for zone transfers? Also, is your
>primary DNS server behind a firewall? We had the same problem and it was the
>firewall blocking ports.
 
Guest

> the connection is refused.

No it isn't. It is using UDP, and UDP is a connectionless protocol.
There is no connection to *be* refused.

It is the *transaction* that is refused.

> When the ISP connects for a zone transfer, the log file shows that it was
> unsuccessful.

The log file that you posted shows no such thing. It actually shows a

> OPCODE 4 (NOTIFY)

request, not a "zone transfer" request, being sent to

> 207.22.166.2

which responds with

> RCODE 5 (REFUSED)

A silly buffer re-use programming error in whatever DNS server software
is providing service on that IP address (It reports that it is ISC's
BIND version 8.2.3-T6B. This version of ISC's BIND was not originally
intended for production use, is known to have several serious
security flaws (http://isc.org./sw/bind/bind-security.php), and certainly
shouldn't be being used by a DNS hosting service such as Internet Junction.
You might like to consider switching your DNS hosting services from
Internet Junction to a company that uses better DNS server software.) has caused

> ERROR: BOGUS PACKET:
> Following RR (offset 31) past packet length (31).

the refusal response datagram to be ill-formed.
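
Added example, not part of any post in this thread: a Python check that rebuilds both datagrams from the field values in the posted debug log and walks every record the header promises. It shows why the 31-byte REFUSED reply is flagged: its header still says ACOUNT 1, but the message ends right after the question section. The function names and the byte strings are constructed for illustration, and the zone name is the anonymised one from the log.

```python
import struct

def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        if off >= len(msg):
            raise ValueError(f"name at offset {off} past packet length ({len(msg)})")
        n = msg[off]
        if n & 0xC0 == 0xC0:        # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n
        if n == 0:                  # root label ends the name
            return off

def check_message(msg):
    """Walk every record the header promises; return (header, problem or None)."""
    if len(msg) < 12:
        return None, "shorter than the 12-byte header"
    xid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    hdr = {"qr": flags >> 15, "opcode": (flags >> 11) & 0xF, "rcode": flags & 0xF,
           "qdcount": qd, "ancount": an}
    off = 12
    try:
        for _ in range(qd):
            off = skip_name(msg, off) + 4          # QTYPE + QCLASS
        for _ in range(an + ns + ar):
            if off >= len(msg):
                raise ValueError(f"RR (offset {off}) past packet length ({len(msg)})")
            off = skip_name(msg, off)
            if off + 10 > len(msg):
                raise ValueError(f"RR header at offset {off} past packet length ({len(msg)})")
            (rdlen,) = struct.unpack("!H", msg[off + 8:off + 10])
            off += 10 + rdlen                      # TYPE, CLASS, TTL, RDLENGTH, RDATA
        if off > len(msg):
            raise ValueError(f"data runs to offset {off}, past packet length ({len(msg)})")
    except ValueError as err:
        return hdr, str(err)
    return hdr, None

# Constructed from the field values in the posted debug log.
QUESTION = encode_name("my-domain.org") + struct.pack("!2H", 6, 1)     # SOA, IN
SOA = (encode_name("ns.my-domain.org") + b"\x07it-dept\xc0\x2e"
       + struct.pack("!5I", 2004093001, 3600, 1800, 1296000, 38400))
NOTIFY = (struct.pack("!6H", 0, 0x2400, 1, 1, 0, 0) + QUESTION
          + b"\xc0\x0c" + struct.pack("!2HIH", 6, 1, 38400, len(SOA)) + SOA)
REFUSED = struct.pack("!6H", 0, 0xA085, 1, 1, 0, 0) + QUESTION

if __name__ == "__main__":
    for label, msg in (("NOTIFY sent", NOTIFY), ("REFUSED received", REFUSED)):
        print(label, len(msg), check_message(msg))
```

The rebuilt NOTIFY comes out at the logged 91 bytes with a 48-byte SOA RDATA and parses cleanly; the REFUSED reply stops at offset 31 with one answer record still owed.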