Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, August 10, 2017 5:44 PM
I'm looking to perform zone transfer from BIND Master to Windows 2012 R2 secondary zone and its failing. If I run Dig or nslookup to perform the transfer on the Windows DNS server, it completes successfully. However, dig and nslookup does not update the Windows DNS secondary zone as expected. I have the same configuration in other sites and zone transfers are working fine. The correct network ports/protocols are opened for all sites so I don't think network firewall is the issue at this time.
All replies (6)
Friday, August 11, 2017 6:10 AM
Hi adr1an5,
>>I'm looking to perform zone transfer from BIND Master to Windows 2012 R2 secondary zone and its failing.
Are there any errors? In addition, please check event logs to see if there are something useful for us to troubleshooting.
Please refer to the checklist of migrating zones from BIND servers.
1.Configure the BIND servers as the master servers for each of the zones that you want to migrate.
2.On the server running the DNS Server service, add secondary zones for all of your existing zones that are hosted at the BIND-based DNS servers.
3.If necessary, create reverse lookup zones for all of your existing reverse lookup zones that are hosted at the BIND-based DNS servers.
4.After completing the zone transfers, convert any of the secondary zones to primary zones for the zones that were obtained from primary zones at the BIND servers.
5.Optional: If the DNS server is a domain controller, store the zone in Active Directory Domain Services (AD DS).
6.Configure the previous primary servers to be secondary servers for the migrated zones, or demote the previous primary servers.
7.For the other secondary zones that remain, update the master servers for those zones to use the new primary DNS servers.
For your reference:
https://technet.microsoft.com/en-us/library/cc755303(v=ws.11).aspx?f=255&mspperror=-2147217396
Best Regards,
Candy
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, August 15, 2017 8:45 AM
Hi adr1an5,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Candy
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, August 15, 2017 2:39 PM
Seeing the following error in DNS event log for each zone.
Failed transfer of zone ******.com from DNS server at xx.xxx.xxx.xxx (Master IP). The DNS server at "Master IP" aborted or failed to complete transfer of the zone. Check the DNS server at (Master IP) and ensure it is properly functioning and authoritative for zone *******.com.
The info you provided is how I configured the Secondary zone on the windows DNS server.
Friday, August 18, 2017 9:22 AM
Hi adr1an5,
The error may be caused that the zone transfer failed to take place because the expiration time in the SOA record located on the primary server (the source of the zone information for a secondary server) expired. The primary server might be down.
Verify that the master server of the secondary zone is authoritative for the zone and that the master server is configured to transfer the zone to the secondary server.
For your reference:
https://technet.microsoft.com/en-us/library/cc957701.aspx
Event ID 6534 — DNS Server Zone Transfer
https://technet.microsoft.com/en-us/library/dd349618(v=ws.10).aspx
Best Regards,
Candy
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, August 21, 2017 10:11 AM
Hi adr1an5,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Candy
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, October 11, 2017 8:54 PM
This turned out to be a config issue on the Bind server.