I have been trying to bang my head against the wall now for several hours and it's time to ask for help. Our ns1 is a chrooted bind done with the Ubuntu Perfect Server setup. All seems to work fine there. /etc/bind/ points to /var/lib/named/etc/bind and shows all the pri.domain.etc files. The problem is that when ns2 tries to transfer/update the sec.domain.etc zone, it gets old data from ns1. I don't understand where ns1 is hiding this old obsolete data. I have searched but I can't find it anywhere. If I delete the zone and try to transfer it from ns2, I get the expected error. If I re-create the domain in ISPConfig and transfer the domain to ns2, I get the old data again. What am I missing?
I had a similar behaviour with a bind instance that did not get killed when bind was restarted or stopped. Have you checked with ps -aux that no instance of bind is running anymore when you stop it? If you query the local server with dig @localhost ...., do you get the new or old zone details?
Yup, it's difficult to kill bind, but I don't think there are 2 DNS services involved here. I usually have to kill bind with killall bind. Bind cache should die then, so the old answers should die with the cache. If I do cat /etc/bind/pri.domain.com I get the correct domain info. (Symbolic link to chroot.) If I do dig @localhost domain.com I get the old (wrong) record. (It's weird. Notice the SOA's are in different order!!! How can they switch places? Could there be something wrong with the .nimet.info domain itself?) If I do it again I get the correct answer...

    [email protected]:/etc/bind# nslookup
    > mail.domain.fi
    Server: 127.0.0.1
    Address: 127.0.0.1#53

    Name: mail.domain.fi
    Address: 79.134.108.181
    > exit

    [email protected]:/etc/bind# cat pri.domain.fi
    $TTL 43200
    @ IN SOA ns1.nimet.info. admin.domain.fi. (
            2009032302 ; serial, todays date + todays serial #
            3600 ; refresh, seconds
            1800 ; retry, seconds
            86400 ; expire, seconds
            43200 ) ; minimum, seconds
    ;
            NS ns1.nimet.info. ; Inet Address of name server 1
            NS ns2.nimet.info. ; Inet Address of name server 2
    ;
            MX 10 mail.domain.fi.
    domain.fi. A 79.134.108.172
    www A 79.134.108.172
    mail A 79.134.108.181
    ;;;; MAKE MANUAL ENTRIES BELOW THIS LINE! ;;;;

    [email protected]:/etc/bind# dig @localhost mail.domain.fi

    ; <<>> DiG 9.4.2 <<>> @localhost mail.domain.fi
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43408
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.domain.fi. IN A

    ;; ANSWER SECTION:
    mail.domain.fi. 43200 IN A 79.134.108.181

    ;; AUTHORITY SECTION:
    domain.fi. 43200 IN NS ns2.nimet.info.
    domain.fi. 43200 IN NS ns1.nimet.info.

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Mar 24 14:37:34 2009
    ;; MSG SIZE rcvd: 91

Then the next time I get a different answer...

    [email protected]:/etc/bind# dig @localhost mail.domain.fi

    ; <<>> DiG 9.4.2 <<>> @localhost mail.domain.fi
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14313
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.domain.fi. IN A

    ;; ANSWER SECTION:
    mail.domain.fi. 43200 IN A 79.134.108.181

    ;; AUTHORITY SECTION:
    domain.fi. 43200 IN NS ns1.nimet.info.
    domain.fi. 43200 IN NS ns2.nimet.info.

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Mar 24 14:40:16 2009
    ;; MSG SIZE rcvd: 91
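Added example, not part of the thread: a small Python check that compares two dig answers as unordered record sets (record order within a section carries no meaning in DNS) and compares the SOA serial in a zone file with the serial each server actually serves. The function names and the `dig +short SOA` sample lines are assumptions made for this sketch; the ns2 serial is constructed.

```python
import re

def rrsets(dig_text):
    """Map each dig section to the set of (name, type, rdata) it contains."""
    sections, current = {}, None
    for line in dig_text.splitlines():
        line = line.strip()
        header = re.match(r";; (\w+) SECTION:", line)
        if header:
            current = header.group(1)
            sections[current] = set()
        elif not line:
            current = None                      # a blank line closes the section
        elif current and not line.startswith(";"):
            name, _ttl, _cls, rtype, rdata = line.split(None, 4)
            sections[current].add((name.lower(), rtype, rdata))
    return sections

def zone_serial(zone_text):
    """First integer after the '(' that opens the SOA record."""
    m = re.search(r"\bSOA\b[^(]*\(\s*(\d+)", zone_text)
    return int(m.group(1)) if m else None

def stale_servers(zone_text, soa_by_server):
    """Servers whose served SOA serial differs from the zone file's serial."""
    want = zone_serial(zone_text)
    return sorted(s for s, soa in soa_by_server.items()
                  if int(soa.split()[2]) != want)

# Trimmed from the two dig answers in the post above.
FIRST = """;; ANSWER SECTION:
mail.domain.fi. 43200 IN A 79.134.108.181

;; AUTHORITY SECTION:
domain.fi. 43200 IN NS ns2.nimet.info.
domain.fi. 43200 IN NS ns1.nimet.info.
"""
SECOND = FIRST.replace("ns2", "tmp").replace("ns1", "ns2").replace("tmp", "ns1")
ZONE = """$TTL 43200
@ IN SOA ns1.nimet.info. admin.domain.fi. (
        2009032302 ; serial
        3600 1800 86400 43200 )
"""
# Constructed `dig +short SOA domain.fi @<server>` output; ns2's serial is made up.
SOA_SEEN = {
    "ns1": "ns1.nimet.info. admin.domain.fi. 2009032302 3600 1800 86400 43200",
    "ns2": "ns1.nimet.info. admin.domain.fi. 2009032301 3600 1800 86400 43200",
}

if __name__ == "__main__":
    print("same records:", rrsets(FIRST) == rrsets(SECOND))
    print("serial mismatch on:", stale_servers(ZONE, SOA_SEEN))
```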
That's weird indeed. To me it looks like one time ns1 is queried and the other time ns2. I know that this should not happen if you run dig @localhost, but who knows. Please check that all nameservers that are authoritative for the domain nimet.info return the correct IP addresses for ns1.nimet.info and ns2.nimet.info, and also check with whois and the interface of your domain registry that there are no NS records stored in the DNS servers of the registry with other IP addresses.