Standard DNS zones failing to transfer, Event ID 6525, 6527

We have two Win2k3 DNS servers, not on the same network or same location.
Primary DNS has all of the zones created and functioning, running as Primary non-AD integrated zones. The Secondary DNS server is listed on all of the Name Server tabs for all of the zones, Zone Transfers are enabled for servers in the Name Servers, and dynamic updates are allowed.

Some zones are failing to transfer to the Secondary server. The two event IDs we are seeing for this are
Event Id 6525:
A zone transfer request for the secondary zone failedtransferzone.com was refused by the master DNS server at [ip]. Check the zone at the master server [ip] to verify that zone transfer is enabled to this server.  To do so, use the DNS console, and select master server [ip] as the applicable server, then in secondary zone failedtransferzone.com Properties, view the settings on the Zone Transfers tab.  Based on the settings you choose, make any configuration adjustments there (or possibly in the Name Servers tab) so that a zone transfer can be made to this server.

And Event Id 6527:
Zone failedtransferzone.com expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone.  The zone has been shut down.

Some zones are able to transfer from the Primary to the Secondary, but there are a handful that will not. Have tried to delete/recreate the zones on the Secondary server, transfer/reload from the Master, with no success.
The registry keys for the xferthrottling do not exist on either server.
Again, zone transfers are allowed for these zones, with the Secondary being listed in the Name Servers tab.

Thoughts?
bigjdveAsked:
santhoshuCommented:
Did the posts help you resolve the error?
0
 
santhoshuCommented:
Check this... for Event Id 6525:
http://support.microsoft.com/kb/915022

For Event Id 6527, from newsgroup posts:

- "It means that your server has not performed a zone transfer from whomever the master DNS server is for <zone name> in the allocated time, so the zone file you have has expired and your DNS server will no longer answer queries for that zone. Investigate the DNS server holding the master zone"

- "Looks like a problem on the master. Are any of the other slaves (if any) having any problems with zone transfers of the zone? On your slave, try doing a non-recursive, TCP AXFR query for the domain from the master. The error you get back should help you troubleshoot the problem. If you're not getting any kind of error back, then there is something wrong with your nameserver."

- "You should probably be looking for a problem like the secondary being unable to connect to the primary on TCP/IP port 53, or the primary being configured to deny zone transfer requests from the secondary's IP address. On the secondary server start by using ping to establish that it can reach the primary at all.  Then, also on the secondary, use NSLOOKUP. Use the SERVER command to point it to the primary. Then try to manually transfer a copy of the zone using the ls -d command.  This should tell you if the secondary cannot reach the primary on port 53 or if there is a problem in the transfer."
0
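The non-recursive TCP AXFR check suggested in the quoted posts, as an added example that is not part of the original thread: run from the secondary, it sends one AXFR question for a single zone and classifies the master's first reply, which separates a connectivity failure from a per-zone refusal or a zone the master cannot serve. The function names and the hint wording are assumptions of this example.

```python
import socket
import struct

AXFR, IN = 252, 1  # QTYPE AXFR, QCLASS IN
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH"}
# General readings of each RCODE (wording is this example's, not from the thread)
HINTS = {
    "NOERROR": "master is serving the transfer; look at the secondary",
    "REFUSED": "master denied the transfer; check Zone Transfers for this zone",
    "SERVFAIL": "master could not serve the zone; check that it loads on the master",
    "NOTAUTH": "master is not authoritative for this zone name",
}

def build_axfr_query(zone, txid=0x1234):
    """AXFR question in DNS wire format, with the 2-byte TCP length prefix."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)  # RD=0: non-recursive
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in zone.rstrip(".").split(".")) + b"\x00"
    msg = header + qname + struct.pack("!HH", AXFR, IN)
    return struct.pack("!H", len(msg)) + msg

def parse_first_message(msg):
    """Return (rcode_name, answer_count) from one DNS message (no length prefix)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    code = flags & 0x000F
    return RCODES.get(code, "RCODE%d" % code), answers

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("master closed the connection")
        buf += chunk
    return buf

def probe(master_ip, zone, timeout=5.0):
    """Run on the secondary: one AXFR attempt, classified by the master's reply."""
    try:
        with socket.create_connection((master_ip, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            (length,) = struct.unpack("!H", _recv_exact(s, 2))
            rcode, answers = parse_first_message(_recv_exact(s, length))
    except (OSError, ValueError) as exc:  # timeouts and resets are OSError subclasses
        return "TCP/53 to master failed: %s" % exc
    return "%s (%d answer RRs): %s" % (rcode, answers, HINTS.get(rcode, "unexpected reply"))
```

Calling `probe()` once for a zone that transfers and once for the zone that does not shows whether the master answers the two differently.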
 
bigjdveAuthor Commented:
We can try again, however there are 14 zones that do replicate and 1 that does not. I will let you know what we find out from another attempt.

Thanks
0
 
bigjdveAuthor Commented:
Deleted the zone from the Primary and Secondary server. Recreated the zone on the Primary server, then tried to create the zone as a secondary and transfer from the Primary, again it failed with the same errors.
Many other zones have transferred successfully, so we know the Secondary is able to contact the Primary.
0
 
bigjdveAuthor Commented:
The posts didn't actually fix the issue on the whole as the problem didn't lie with the syncing of the servers. There seemed to be something corrupt with the zone file on the master server. We deleted the zone on all servers and recreated the zone manually and that got us working but never truly explained the issue.
Thanks for the help
0
 
GortCommented:
I'm struggling with this issue as well. I have 20+ zones that I'm authoritative for, but only a select few will not transfer to the secondary DNS server.

I managed to work around the issue by doing the following:
delete the secondary zone
delete the zone files from \winnt\system32\dns and ..\dns\backup
recreate the zone
manually copy the zone file from the primary to the secondary

After that, DNS refreshes as expected. I'm still concerned about what the root cause of the issue could be, though.
0
Question has a verified solution.
