Solved

Server 2003 DNS Zone Transfers

Posted on 2007-03-20
4
279 Views
Last Modified: 2010-04-18
Server 2003 DNS is refusing zone transfers from external BIND DNS Servers
0
Comment
Question by:bengoa
4 Comments
 
LVL 13

Expert Comment

by:bleeuwen
Comment Utility
Make sure the zone transfer tab of the dns properties has the ipnumbers of the external bind servers
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Just to make sure I understand:

1) Is your 2003 DNS server going to an exernal DNS server and attemping to get a zone?

Or

2) Is a external BIND DNS server attemping to get a zone from the 2003 DNS server?

Either way, the DNS server that is the authoritive (source) may be configured to only allow zone transfers to specific server, by IP address.  So you need to make sure that the DNS server that is the source is configured to allow your DNS server to request a zone tranfers.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
Comment Utility
what level of security do you have on zone transfers>?
0
 
LVL 5

Accepted Solution

by:
suggestionstick earned 500 total points
Comment Utility
Hi


Make sure that named.conf has:  allow-transfer {IP of 2003 DNS server; }; in the options section, and that 2003 DNS is configured to retrive DNS updates from the BIND server (mentioned above by bleeuwen ).

Also TCP is used instead of UDP for zone transfers, make sure your firewall is configured to allow TCP port 53

Are you using TSIG etc to secure the DNS transfers?

Trev
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now