Hello,
since many weeks I notice sporadic error messages on zonetransfers.
As far as I can tell, anything work in general and also no user
complain. But there is this error message :-(
Setup
1x nsd-1.4.2 as master serving exact one zone.
4x nsd-1.4.2 as slave serving dozens of zones with own data and just
one zone as slave.
Here are the logs as the error occur.
@master ( 192.0.53.53 )
2015-04-29 09:26:15.265243500 [2015-04-29 09:26:15.265] nsd[13222]:
info: new control connection from 127.0.0.1
2015-04-29 09:26:15.268803500 [2015-04-29 09:26:15.268] nsd[13222]:
info: remote control connection authenticated
2015-04-29 09:26:15.308609500 [2015-04-29 09:26:15.308] nsd[13222]:
info: control cmd: reload
2015-04-29 09:26:15.308738500 [2015-04-29 09:26:15.308] nsd[13222]:
info: remote control operation completed
2015-04-29 09:26:15.311365500 [2015-04-29 09:26:15.311] nsd[13259]:
info: zone example.org. read with success
2015-04-29 09:26:15.311365500 [2015-04-29 09:26:15.311] nsd[13259]:
info: rehash of zone example.org. with parameters 1 0 1 -
2015-04-29 09:26:15.312562500 [2015-04-29 09:26:15.311] nsd[683]:
info: NSTATS 1430292375 1430290388 TYPE252=4
2015-04-29 09:26:15.312562500 [2015-04-29 09:26:15.312] nsd[683]:
info: XSTATS 1430292375 1430290388 RR=0 RNXD=0 RFwdR=0 RDupR=0 RFail=0
RFErr=0 RErr=0 RAXFR=4 RLame=0 ROpts=0 SSysQ=0 SAns=0 SF
wdQ=0 SDupQ=0 SErr=0 RQ=4 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=4 SFwdR=0 SFail=0
SFErr=0 SNaAns=0 SNXD=0 RUQ=0 RURQ=0 RUXFR=0 RUUpd=0
13222 ? S 0:05 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
13259 ? S 0:06 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
9127 ? S 0:00 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
nsd.conf:
server:
chroot: "/var/lib/nsd"
debug-mode: yes
statistics: 86400
verbosity: 9
ip-address: 192.0.53.53
ip-address: $an_additional_ipv6_address
nsid: "ascii_MASTER"
database: ""
key:
name: "mykey"
algorithm: hmac-sha256
secret: "secret"
zone:
name: "example.org."
zonefile: "/path/to/example.org.signed"
notify: 192.0.53.101 mykey
notify: 192.0.53.102 mykey
notify: 192.0.153.101 mykey
notify: 192.0.153.102 mykey
provide-xfr: 192.0.53.101 mykey
provide-xfr: 192.0.53.102 mykey
provide-xfr: 192.0.153.101 mykey
provide-xfr: 192.0.153.102 mykey
@slave1 (192.0.53.101)
2015-04-29 09:26:15.323078500 [2015-04-29 09:26:15.322] nsd[17497]:
info: notify for example.org. from 192.0.53.53 serial 1430292374
--->>> BANG !!!
2015-04-29 09:26:15.325632500 [2015-04-29 09:26:15.325] nsd[9659]:
error: xfrd: zone example.org. received error code NOT IMPL from
192.0.53.53
2015-04-29 09:26:15.329649500 [2015-04-29 09:26:15.329] nsd[9659]:
info: xfrd: zone example.org. written received XFR packet from
192.0.53.53 with serial 1430292374 to disk
2015-04-29 09:26:15.330310500 [2015-04-29 09:26:15.330] nsd[9659]:
info: xfrd: zone example.org. written received XFR packet from
192.0.53.53 with serial 1430292374 to disk
2015-04-29 09:26:15.330687500 [2015-04-29 09:26:15.330] nsd[9659]:
info: xfrd: zone example.org. written received XFR packet from
192.0.53.53 with serial 1430292374 to disk
2015-04-29 09:26:15.330761500 [2015-04-29 09:26:15.330] nsd[9659]:
info: xfrd: zone example.org. committed "received update to serial
1430292374 at 2015-04-29T09:26:15 from 192.0.53.53 TSIG verified with
key mykey"
2015-04-29 09:26:15.334419500 [2015-04-29 09:26:15.334] nsd[9705]:
info: rehash of zone example.org. with parameters 1 0 1 -
2015-04-29 09:26:15.337018500 [2015-04-29 09:26:15.336] nsd[9705]:
info: zone example.org. received update to serial 1430292374 at
2015-04-29T09:26:15 from 192.0.53.53 TSIG verified with key mykey of
41427 bytes in 0.001151 seconds
2015-04-29 09:26:15.337762500 [2015-04-29 09:26:15.337] nsd[17497]:
info: NSTATS 1430292375 1430291110 A=12205 NS=462 CNAME=77 SOA=292
PTR=1835 MX=4882 TXT=2892 AAAA=3793 SRV=434 TYPE38=10 NSEC=1 DNSKEY=7
SPF=1392 TYPE255=139
2015-04-29 09:26:15.337774500 [2015-04-29 09:26:15.337] nsd[17497]:
info: XSTATS 1430292375 1430291110 RR=0 RNXD=0 RFwdR=0 RDupR=0 RFail=0
RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=0 SAns=28408 SFwdQ=0
SDupQ=0 SErr=0 RQ=28420 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=13 SFwdR=0 SFail=0
SFErr=0 SNaAns=253 SNXD=1302 RUQ=0 RURQ=0
RUXFR=0 RUUpd=0
2015-04-29 09:26:15.338774500 [2015-04-29 09:26:15.338] nsd[9659]:
info: zone example.org. serial 1430290388 is updated to 1430292374.
9659 ? S 0:31 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
9705 ? S 1:28 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
17745 ? S 0:00 | | \_ /usr/sbin/nsd -c
/var/lib/nsd/etc/nsd/nsd.conf -d
nsd.conf:
server:
chroot: "/var/lib/nsd"
debug-mode: yes
statistics: 86400
verbosity: 9
ip-address: 127.0.0.53
ip-address: 192.0.53.101
nsid: "ascii_SLAVE1"
key:
name: "mykey"
algorithm: hmac-sha256
secret: "secret"
zone:
name: "example.org."
# Masterserver ist der 192.0.53.53
allow-notify: 192.0.53.53 mykey
request-xfr: 192.0.53.53 mykey
outgoing-interface: 192.0.53.101
If there are any further question I may provide needed information.
I plan to update master and one slave to 1.4.3.rc1 next week to check
if the phenomenon is still visible.
Andreas
On 10/06/15 15:17, A. Schulze wrote: Hi Andreas,> @slave1 (192.0.53.101) > 2015-04-29 09:26:15.323078500 [2015-04-29 09:26:15.322] nsd[17497]: > info: notify for example.org. from 192.0.53.53 serial 1430292374 > --->>> BANG !!! > 2015-04-29 09:26:15.325632500 [2015-04-29 09:26:15.325] nsd[9659]: > error: xfrd: zone example.org. received error code NOT IMPL from > 192.0.53.53NSD as a slave tries IXFR against the master first, and then falls back to AXFR. NSD as a master only provides AXFR. It cannot provide IXFR, because it doesn't keep a journal of changes. So when the slave asks the master for IXFR, the master replies with "NOTIMPL", and then slave then falls back to AXFR. There's no problem, and nothing to worry about :) Regards, Anand