• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 298
  • Last Modified:

Server 2003 DNS Zone Transfers

Server 2003 DNS is refusing zone transfers from external BIND DNS Servers
1 Solution
Make sure the zone transfer tab of the dns properties has the ipnumbers of the external bind servers
Just to make sure I understand:

1) Is your 2003 DNS server going to an exernal DNS server and attemping to get a zone?


2) Is a external BIND DNS server attemping to get a zone from the 2003 DNS server?

Either way, the DNS server that is the authoritive (source) may be configured to only allow zone transfers to specific server, by IP address.  So you need to make sure that the DNS server that is the source is configured to allow your DNS server to request a zone tranfers.
what level of security do you have on zone transfers>?

Make sure that named.conf has:  allow-transfer {IP of 2003 DNS server; }; in the options section, and that 2003 DNS is configured to retrive DNS updates from the BIND server (mentioned above by bleeuwen ).

Also TCP is used instead of UDP for zone transfers, make sure your firewall is configured to allow TCP port 53

Are you using TSIG etc to secure the DNS transfers?

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now