Solved

Server 2003 DNS Zone Transfers

Posted on 2007-03-20
Last Modified: 2010-04-18
Server 2003 DNS is refusing zone transfers from external BIND DNS Servers
Question by:bengoa
4 Comments
 
LVL 13

Expert Comment

by:bleeuwen
ID: 18758752
Make sure the zone transfer tab of the DNS properties has the IP numbers of the external BIND servers.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18758757
Just to make sure I understand:

1) Is your 2003 DNS server going to an external DNS server and attempting to get a zone?

Or

2) Is an external BIND DNS server attempting to get a zone from the 2003 DNS server?

Either way, the DNS server that is the authoritative (source) may be configured to only allow zone transfers to specific servers, by IP address.  So you need to make sure that the DNS server that is the source is configured to allow your DNS server to request a zone transfer.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18760221
What level of security do you have on zone transfers?
0
 
LVL 5

Accepted Solution

by:
suggestionstick earned 500 total points
ID: 18789981
Hi


Make sure that named.conf has:  allow-transfer {IP of 2003 DNS server; }; in the options section, and that 2003 DNS is configured to retrieve DNS updates from the BIND server (mentioned above by bleeuwen).

Also, TCP is used instead of UDP for zone transfers, so make sure your firewall is configured to allow TCP port 53.

Are you using TSIG etc to secure the DNS transfers?

Trev
0
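
The following is an added example, not part of the original thread: a Python check, meant to be run from the host that should receive the zone, that separates the two causes named in the accepted answer (TCP port 53 blocked versus the source server refusing the transfer). The function names, the `example.com` zone and the sample replies are assumptions constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def build_axfr_query(zone, txid=0x1234):
    """AXFR question (QTYPE 252, class IN) with the 2-byte length prefix DNS uses over TCP."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", 252, 1)
    return struct.pack("!H", len(msg)) + msg

def diagnose(framed):
    """Interpret the header of the first length-prefixed reply message."""
    if len(framed) < 14:
        return "connection closed without a DNS reply"
    flags, _qd, answers = struct.unpack("!HHH", framed[4:10])
    rcode = flags & 0x000F
    if rcode == 5:
        return "REFUSED: the source server's policy denies transfers to this host"
    if rcode == 0 and answers > 0:
        return "transfer allowed: reply starts with %d record(s)" % answers
    return "transfer failed: rcode %s" % RCODES.get(rcode, rcode)

def check_transfer(server, zone, timeout=5.0):
    """Separate a firewall problem (no TCP/53) from a policy refusal by the source server."""
    try:
        with socket.create_connection((server, 53), timeout=timeout) as sock:
            sock.sendall(build_axfr_query(zone))
            data = b""
            while len(data) < 14:  # 2-byte length prefix + 12-byte DNS header
                chunk = sock.recv(512)
                if not chunk:
                    break
                data += chunk
    except OSError as exc:
        return "no reply over TCP port 53: %s" % exc
    return diagnose(data)

def constructed_reply(zone, flags, answers=0):
    """Constructed sample reply: the query echoed back with the given flags and ANCOUNT."""
    reply = bytearray(build_axfr_query(zone))
    reply[4:6] = struct.pack("!H", flags)
    reply[8:10] = struct.pack("!H", answers)
    return bytes(reply)

if __name__ == "__main__":
    print(diagnose(constructed_reply("example.com", 0x8005)))     # refusal by policy
    print(diagnose(constructed_reply("example.com", 0x8400, 1)))  # transfer accepted
```

A refusal points at the transfer ACL on the source server, while a connection error or timeout points at the firewall rule for TCP port 53.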
