Task #3890 is not serving properly

Added by Chris Jones over 10 years ago. Updated over 10 years ago.

Support Operations
Target version:
Start date:
Due date:
% Done:


Product Version:
Story Points:


We've been having trouble with the server pulling updates to the domain after changing the zone files.

Nick, will you verify the changes I made to /etc/bind/named.conf.local (described below), and if everything looks okay, re-assign this to Dave so he can look at the configuration (unless you can check that too)?

We noticed that the IP address had changed (from to, and so after having trouble with having updated DNS entries, I changed /etc/bind/named.conf.local to add to the xferhost acl instead of For instance, for the recent addition of

$ dig

; <<>> DiG 9.7.6-P1 <<>>
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6301
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

; IN A

;; Query time: 59 msec
;; WHEN: Wed Aug 7 07:50:11 2013
;; MSG SIZE rcvd: 37 continues to give a SERVFAIL status, whereas a call to gives a NOERROR status and returns the CNAME record for

Here are the changes made to files in /etc/bind:

$ sudo git diff HEAD^ HEAD
diff --git a/bind/ b/bind/
index 1b1b4a4..8c3aa34 100644
--- a/bind/
+++ b/bind/
@@ -5,7 +5,7 @@
$TTL 86400 ; changed from default 86400 IN SOA (
- 2013080200 ; serial number
+ 2013080600 ; serial number
360 ; 1 min; default refresh 1 hour (3600) (frequency secondary DNS is updated)
900 ; 1 min; default retry 15 min
3600000 ; expire 1000 hours
@@ -65,6 +65,7 @@ releases 1D IN A
ns 1D IN CNAME releases
ldap 1H IN CNAME
test123 IN A
+ansible 1H IN CNAME
;test subdomain
diff --git a/bind/named.conf.local b/bind/named.conf.local
index 946c730..1f54498 100644
--- a/bind/named.conf.local
+++ b/bind/named.conf.local
@@ -20,7 +20,7 @@ acl xferhosts {;;;


#1 Updated by Chris Jones over 10 years ago

It looks like is still asking for transfers as In ns1's named.conf.local, I reverted the IP address to Dave changed the configuration to now request transfers from ns1.

Nick, will you look at the ACLs on ns2.nceas to see if it is allowing from The logs at were showing a refused status?

xfer-in: error: transfer of '' from failed while receiving responses: REFUSED

Once the transfers are allowed from ns2.nceas, Dave will switch the config back.

#2 Updated by Dave Vieglais over 10 years ago

  • Status changed from New to Closed
  • translation missing: en.field_remaining_hours set to 0.0

Appears to be fixed now.

  • now pulling from
  • ACL in zone updated to include both and which apparently are being used by to make axfr requests

Correct operation verified by updating serial on zone and observing log on with success messages.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)