I'm trying to use the DNS server of our Synology as master, and using a Linux box as a slave. I allowed the Linux box's IP address as an allowed host for zone transfer.
I can copy the zone with dig:
[root@slave-dns ~]# dig axfr @192.168.1.55 my-domain
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.1 <<>> axfr @192.168.1.55 my-domain
; (1 server found)
;; global options: +cmd
my-domain. 10800 IN SOA panoramix3.local. admin.my-domain. 2016101901 3600 3600 604800 3600
my-domain. 10800 IN NS slave-dns.my-domain.
But with bind, I get timeouts:
Oct 20 09:22:38 slave-dns named[9783]: zone my-domain/IN: refresh: retry limit for master 198.168.1.55#53 exceeded (source 0.0.0.0#0)
Oct 20 09:22:38 slave-dns named[9783]: zone my-domain/IN: Transfer started.
Oct 20 09:23:41 slave-dns named[9783]: transfer of 'my-domain/IN' from 198.168.1.55#53: failed to connect: timed out
Oct 20 09:23:41 slave-dns named[9783]: transfer of 'my-domain/IN' from 198.168.1.55#53: Transfer completed: 0 messages, 0 records, 0 bytes, 63.000 secs (0 bytes/sec)
I used tcpdump to look at the traffic, and UDP packets are sent to the Synology, but no reply is coming back.
The firewall on the Synology is turned off, and the UDP port seems to be open:
[root@slave-dns ~]# nmap -sU 192.168.1.55 -p 53
Starting Nmap 5.51 ( http://nmap.org ) at 2016-10-20 09:34 EDT
Nmap scan report for panoramix3.local (192.168.1.55)
Host is up (0.00071s latency).
PORT STATE SERVICE
53/udp open domain
MAC Address: xxxxx (Synology Incorporated)
I really don't understand why I get a timeout.
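
An added example, not part of the original post: the named log lines above give 198.168.1.55 as the master, while the dig and nmap commands target 192.168.1.55. This Python check pulls the master addresses out of named's log and compares them with the address tested by hand; the function names are hypothetical and the log lines are copied from the post.

```python
import ipaddress
import re

# Log lines copied from the post above (named on slave-dns).
NAMED_LOG = """\
Oct 20 09:22:38 slave-dns named[9783]: zone my-domain/IN: refresh: retry limit for master 198.168.1.55#53 exceeded (source 0.0.0.0#0)
Oct 20 09:23:41 slave-dns named[9783]: transfer of 'my-domain/IN' from 198.168.1.55#53: failed to connect: timed out
"""

# Address that answered the manual `dig axfr` in the post.
TESTED_MASTER = "192.168.1.55"

# named writes the peer as <address>#<port> after "master" or "from".
PEER_RE = re.compile(r"\b(?:master|from) ([0-9A-Fa-f:.]+)#(\d+)")


def masters_in_log(log_text):
    """Return the set of master addresses named is actually contacting."""
    found = set()
    for line in log_text.splitlines():
        m = PEER_RE.search(line)
        if m:
            found.add(ipaddress.ip_address(m.group(1)))
    return found


def check_masters(log_text, tested):
    """Compare logged masters against the address tested by hand."""
    tested_ip = ipaddress.ip_address(tested)
    findings = []
    for ip in sorted(masters_in_log(log_text), key=str):
        if ip != tested_ip:
            note = "differs from tested address %s" % tested_ip
            # A LAN master that shows up as a public address in the log
            # usually points at a typo in the zone's masters statement.
            if tested_ip.is_private and not ip.is_private:
                note += "; not a private-range address"
            findings.append((str(ip), note))
    return findings


if __name__ == "__main__":
    for addr, note in check_masters(NAMED_LOG, TESTED_MASTER):
        print("%s: %s" % (addr, note))
```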