Re: zone transfers delay

Read inline please.

In news:E62D74C4-A74F-4901-A3AE-5C11420692DF@xxxxxxxxxxxxx,
Savvas <Savvas@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi all,

I'm facing the following problem.
I have a primary DNS zone on a Linux box running BIND 9.4.1_P1 for my
domain. On my W2K3 AD DC I have a secondary zone for my domain.
All my clients use my W2K AD DC's DNS for name resolution.
When I update a record on my primary DNS zone my W2K3 AD DC gets the
notification but transfers the zone with great delay, even more than 1
hour. This results in false DNS queries from my clients whenever I
update a record in my primary DNS zone for as long as it takes for my
W2K3 AD DC to transfer / reload the zone.


You will need to enable Notify on the Primary zone on the BIND DNS and make
sure the zone Serial is incremented. BIND does not automatically increment
the serial, IIRC. I can't remember exactly how to enable Notify on BIND,
someone may be able to answer this or you can post this in a BIND forum.
Without Notify being enabled, the secondary uses the Refresh, Retry and
Expire values for checking zone data.

Keep in mind that even after the zone is transferred, the old IP may be
cached on the clients until the TTL expires on the record.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
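
The two checks the reply above describes (was the serial incremented, and is Notify in play or only the Refresh timer), as an added example that is not part of the original thread. It assumes SOA data in the form printed by `dig +short SOA <zone>`; the function names and sample records are constructed for illustration, and the zero delay on NOTIFY is an idealisation.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class SOA:
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int


def parse_soa(rdata: str) -> SOA:
    """Parse the seven SOA fields as printed by `dig +short SOA <zone>`."""
    f = rdata.split()
    if len(f) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(f)}")
    return SOA(f[0], f[1], *(int(x) for x in f[2:]))


def serial_newer(primary: int, secondary: int) -> bool:
    """RFC 1982 comparison of 32-bit serials; handles wraparound past 2**32 - 1."""
    diff = (primary - secondary) & 0xFFFFFFFF
    return 0 < diff < 0x80000000


def diagnose(primary: SOA, secondary: SOA, notify: bool) -> Tuple[str, Optional[int]]:
    """Return (verdict, worst-case seconds the secondary keeps serving old data)."""
    if not serial_newer(primary.serial, secondary.serial):
        # A NOTIFY arrives, the secondary checks the SOA and sees nothing newer.
        return ("serial-not-incremented", None)
    if notify:
        return ("transfer-on-notify", 0)  # idealised: transfer starts right away
    # Without NOTIFY the secondary only polls the SOA every Refresh seconds.
    return ("transfer-on-refresh", secondary.refresh)


# Constructed sample records (not taken from the thread).
SECONDARY = parse_soa("ns1.example.com. hostmaster.example.com. 2008010101 3600 600 604800 3600")
EDITED_NO_BUMP = parse_soa("ns1.example.com. hostmaster.example.com. 2008010101 3600 600 604800 3600")
EDITED_BUMPED = parse_soa("ns1.example.com. hostmaster.example.com. 2008010102 3600 600 604800 3600")

if __name__ == "__main__":
    print(diagnose(EDITED_NO_BUMP, SECONDARY, notify=True))
    print(diagnose(EDITED_BUMPED, SECONDARY, notify=False))
```

Feed it the SOA answers from the primary and from the secondary after an edit: a `serial-not-incremented` verdict means the secondary will keep its old copy no matter how many notifications it receives.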

