
Calling all 2003 admins

bwatson283

Golden Member
I got an issue with making a secondary zone. The stub zones will work fine, but the secondary zones fail to load from master. I don't use a software firewall, but I use a hardware firewall and both servers are running off the same switch behind the hardware firewall. Both are running 2003, levels are 2003 at the forest and domain. I am running a Parent->Child relationship.

Parent-> Master DNS for parent
Child->Master for child, set to forward to the Parent DNS. (With or without didn't solve the issue)

I want to make a secondary zone for each. I wasn't even able to make stub zones earlier, so I looked into Replmon and it was having an RPC error. I fixed that and now I can make stubs but not secondaries. Replmon now shows no error and that everything is talking fine.

Probably a noob mistake.


 
Probably a noob response but........

Why not just use active directory integrated zones?

EDIT: ahhhh.... just noticed you need to be studying for 291, like me. 😀
 
What options do you have set on the Zone Transfers tab for the zone on the master server? Specifically, is "enable zone transfers" checked?
 
Originally posted by: stash
What options do you have set on the Zone Transfers tab for the zone on the master server? Specifically, is "enable zone transfers" checked?

Not sure if I completely understand what the OP is trying to do, but it sounds like a transfer issue to me as well. Make sure that, as stash said, zone transfers are enabled, and that you have allowed the zones to be transferred to the child by adding its IP address in the allow field in the Zone Transfers tab on the Parent.
 
Also ensure you're forwarding TCP/53 on your firewall. Typical DNS queries are UDP but zone transfers will use TCP.

Doh... never mind. I just realized you said both machines are on the same side of the firewall. My bad.
 
The "Zone Transfer" is set to "All IP's". I have messed with it by only setting IPs of the other server but it didn't seem to fix it. I'll have more time tomorrow to look at it. I am busy studying for the 294, 297 AD tests.
 
First things first. Figure out if the secondary is failing to request a transfer or if the primary is failing to deliver it. Take a network trace at the primary and see if the request is coming in. If it is, you can concentrate there. If not, take a trace at the secondary and see if the request is not being sent or it's being sent but lost in transit.
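
The check described in the post above (is the transfer request answered, refused, or never completed), as an added example that is not part of the original thread: it builds the AXFR request a secondary sends over TCP/53 and classifies the primary's first reply. The server address and zone name are placeholders, and the sample reply bytes are constructed.

```python
import socket
import struct

AXFR, CLASS_IN = 252, 1          # QTYPE 252 = full zone transfer
RCODES = {0: "NOERROR", 2: "SERVFAIL", 5: "REFUSED", 9: "NOTAUTH"}

def build_axfr_query(zone, txid=0x1234):
    """DNS AXFR query with the 2-byte length prefix DNS uses over TCP."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)   # one question
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", AXFR, CLASS_IN)
    return struct.pack("!H", len(msg)) + msg

def classify_reply(framed):
    """Say what the primary's first TCP-framed reply means."""
    if len(framed) < 14:                      # 2-byte prefix + 12-byte header
        return "no reply: primary closed the connection without answering"
    _txid, flags, _qd, ancount = struct.unpack("!HHHH", framed[2:10])
    rcode = flags & 0x000F
    if rcode == 0 and ancount:
        return "delivered: first message carries %d record(s)" % ancount
    return "not delivered: %s" % RCODES.get(rcode, "RCODE %d" % rcode)

def try_axfr(server, zone, timeout=5.0):
    """Run from the secondary: send one AXFR request to the primary."""
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            data = b""
            while len(data) < 14:             # read until the header is complete
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
            return classify_reply(data)
    except OSError as exc:
        return "request never completed: TCP/53 to %s failed (%s)" % (server, exc)

if __name__ == "__main__":
    # Constructed reply: header-only message with RCODE 5 (REFUSED).
    refused = struct.pack("!HHHHHHH", 12, 0x1234, 0x8005, 0, 0, 0, 0)
    print(classify_reply(refused))
    # Real use (placeholder names): print(try_axfr("192.0.2.10", "parent.example"))
```

A REFUSED result points at the Zone Transfers settings on the primary, while a failed TCP connection points at the path between the two servers.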
 
Besides DNS logs/audits and Wireshark (F.K.A. Ethereal), is it netdiag or nslookup that I could use to see the failed attempts with DNS?
 
No way to attach a pic to a post here. Post it elsewhere and provide a link.

Did you take a Wireshark trace? You can export the text of the frames if you need.

But anywhoo, what was the result? Are zone transfer requests arriving or not?
 