On 29/07/2021 15:47, Chris Dunbar via nsd-users wrote:
Hi Chris,
When NSD wants to refresh a zone, it does not query the master for the
zone's SOA record over UDP. Instead, it attempts to do a zone transfer
over TCP. It then looks at the first packet of the transfer, and looks
for the SOA record in there. If the primary has a newer version of the
zone, it completes the transfer. However, if the serial is the same, it
abandons the transfer.
I suspect that the refresh value in your zones' SOA records is quite
low, so the NSD secondaries keep trying frequently, and you see this
logged on the primary.
Regards,
Anand Buddhdev
RIPE NCC
> Hello,
>
> I am new to nsd and have been setting up a few servers to eventually
replace my bind servers. Things have been going reasonably well; most problems
have been of my own making. This may be another instance of that, but I would
like to double check. I noticed that in the log file zones appear to be
transferring repeatedly, every few minutes. For example:
>
> [2021-07-29 13:17:54.719] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from
5x.xx.xxx.8
>
> [2021-07-29 13:22:46.880] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from
5x.xx.xxx.8
>
> [2021-07-29 13:27:20.024] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from
5x.xx.xxx.8
>
> 2021-07-29 13:32:11.180] nsd[26252]: info: axfr for jxxxxxxxxxy.com. from
5x.xx.xxx.8
>
> I've tried to sanitize things a bit, but that is the same zone being
transferred to the same secondary server every 4 to 5 minutes. This is happening
for all of my zones and all of my secondaries.
>
> 1. Am I interpreting that correctly?
>
> 2. If yes, Is that normal behavior?
>
> 3. If no (to #2), what have I likely misconfigured?
>
> Please let me know if I should provide any additional information.
>
> Thank you,
> Chris
>
>
> _______________________________________________
> nsd-users mailing list
> nsd-users at lists.nlnetlabs.nl
> https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
>