I picked up a slave server using rndc. The server is behind NAT. When I try to transfer a zone, I get the following error:

06-Jan-2017 13:00:59.593 general: info: zone domain.com/IN: Transfer started. 06-Jan-2017 13:00:59.594 xfer-in: info: transfer of 'domain.com/IN' from <master DNS IP>#53: connected using 10.0.2.4#42991 06-Jan-2017 13:00:59.896 xfer-in: error: transfer of 'domain.com/IN' from <master DNS IP>#53: failed while receiving responses: NXDOMAIN 06-Jan-2017 13:00:59.896 xfer-in: info: transfer of 'domain.com/IN' from <master DNS IP>#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.302 secs (0 bytes/sec)

At the same time, all ports are open (both TCP and UDP, 953 and 53). Master server is working properly. lsof on slave

 root@admindns:/var/log/bind# lsof -Pni :53 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME named 20620 bind 20u IPv4 392123 0t0 TCP 127.0.0.1:53 (LISTEN) named 20620 bind 21u IPv4 392125 0t0 TCP 10.0.2.4:53 (LISTEN) named 20620 bind 512u IPv4 392122 0t0 UDP 127.0.0.1:53 named 20620 bind 513u IPv4 392124 0t0 UDP 10.0.2.4:53 root@admindns:/var/log/bind# lsof -Pni :953 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME named 20620 bind 22u IPv4 392128 0t0 TCP *:953 (LISTEN) root@admindns:/var/log/bind#

lsof on master

 [root@panel ~]# lsof -Pni :953 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME named 29304 named 21u IPv4 445846 0t0 TCP *:953 (LISTEN) [root@panel ~]# lsof -Pni :53 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dnsmasq 1112 nobody 4u IPv4 27041 0t0 UDP *:53 dnsmasq 1112 nobody 5u IPv4 27042 0t0 TCP *:53 (LISTEN) dnsmasq 1112 nobody 6u IPv6 27043 0t0 UDP *:53 dnsmasq 1112 nobody 7u IPv6 27044 0t0 TCP *:53 (LISTEN) named 29304 named 512u IPv6 445837 0t0 UDP *:53 named 29304 named 513u IPv6 445837 0t0 UDP *:53 named 29304 named 514u IPv4 445840 0t0 UDP 127.0.0.1:53 named 29304 named 515u IPv4 445840 0t0 UDP 127.0.0.1:53 named 29304 named 516u IPv4 445842 0t0 UDP 10.0.0.4:53 named 29304 named 517u IPv4 445842 0t0 UDP 10.0.0.4:53 named 29304 named 518u IPv4 445844 0t0 UDP 172.17.0.1:53 named 29304 named 519u IPv4 445844 0t0 UDP 172.17.0.1:53 [root@panel ~]#
  • NXDOMAIN is a domain not found. Are you sure that the master zone is exactly raised? that says on the dig SOA domain.com @127.0.0.1 master dig SOA domain.com @127.0.0.1 . Also check the dig from another machine, after specifying the master ip after the dog - Mike
  • Here is pastebin.com/yLmmTxam - FindYanot

1 answer 1

The problem was in dnsmasq, you just had to turn it off.