Trouble with Incremental Zone Transfers

Jun 12, 2011 at 12:49 PM
Edited Jun 12, 2011 at 1:15 PM

I'm trying to script some incemental zone transfers and comparing results with the BIND dig utility. Complete zone transfers are working fine but I'm getting no answer from get-dns when trying to an incremental:

PS U:\> get-dns -name 1.2.3.4.5.6.7.e164.arpa. -server server.company.com -zonetransfer -incremental 2011061006

Header     : ID: 30351 IsResponse: TRUE OpCode: QUERY RCode: FORMERR Flags: NONE Query: 1 Answer: 0 Authority: 0 Add             onal: 0
Question   : 1.2.3.4.5.6.e164.arpa. IN IXFR
Answer     :
Authority  :
Additional :
Server     : server.company.com
Size       : 41
TimeTaken  : 1815.1039

The equivalent dig command returns valid output (edited below):

C:\>dig.exe @server.company,com ixfr=2011061006  1.2.3.4.5.6.e164.arpa.

; <<>> DiG 9.5.0-P2 <<>> @server.company.com ixfr=2011061006 1.2.3.4.5.6.e164.arpa.
; (1 server found)
;; global options:  printcmd
1.2.3.4.5.6.e164.arpa. 86400  IN      SOA     server.company.com. hostmaster.1.2.3.4.5.6.e164.arpa. 2011061020 28800 7200 604800 7200
4.1.2.3.4.5.6.e164.arpa. 300 IN TXT     "userid, +11111111111, I, Y"
1.2.3.4.5.6.e164.arpa. 86400  IN      SOA     server.company.com. hostmaster.1.2.3.4.5.6.e164.arpa. 2011061020 28800 7200 604800 7200
0.1.0.3.1.2.3.4.5.6.e164.arpa. 300 IN TXT     "userid, +11111111111, D, Y"
1.2.3.4.5.6.e164.arpa. 86400  IN      SOA     server.company.com. hostmaster.1.2.3.4.5.6.e164.arpa. 2011061020 28800 7200 604800 7200
9.3.3.3.1.2.3.4.5.6.e164.arpa. 300 IN TXT     "userid, +11111111111, L, Y"
;; Query time: 744 msec
;; SERVER: 1.2.3.4#53(128.181.6.16)
;; WHEN: Sun Jun 12 13:40:54 2011
;; XFR size: 55 records (messages 1, bytes 2079)

 It looks like the incremental serial may not be passed in the question when using get-dns.

Or am I doing something wrong here?

Coordinator
Jun 13, 2011 at 8:21 AM

You're not. It's a bug, looking into it, will try and fix it this week.

Chris

Coordinator
Jun 13, 2011 at 9:54 AM
Edited Jun 13, 2011 at 11:15 AM

Should be fixed in 0.4.4 if you'd like to give it a try?

Cheers!

Chris

Jun 13, 2011 at 10:44 AM

Looks much better - thanks for fast response!

Jun 13, 2011 at 2:32 PM

Chris,

Not sure if I'm seeing another bug (in 0.4.4)...

Requesting an incremental zone transfer using get-dns with the current (unchanged) zone serial number causes a timeout warning (although results are returned):

PS U:\> get-dns -name 1.2.3.4.5.6.e164.arpa. -server server.company.com -zonetransfer -incremental 2011061033

Header     : ID: 61420 IsResponse: TRUE OpCode: QUERY RCode: NOERROR Flags: RA, AA Query: 1 Answer: 1 Authority: 0 Addi             tional: 0
Question   : 1.2.3.4.5.6.e164.arpa. IN IXFR
Answer     : 1.2.3.4.5.6.e164.arpa. 86400 IN SOA server.company.com. hostmaster.1.2.3.4.5.6.e164.arpa. 2011061033 2 8800 7200 604800 7200
Authority  :
Additional :
Server     : server.company.com
Size       : 106
TimeTaken  : 1733.1733

Get-Dns : A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
At line:1 char:8
+ get-dns <<<<  -name 1.2.3.4.5.6.e164.arpa. -server sever.company.com -zonetransfer -incremental 2011061033
    + CategoryInfo          : NotSpecified: (:) [Get-Dns], SocketException
    + FullyQualifiedErrorId : System.Net.Sockets.SocketException,DnsShell.PowerShell.CmdLet.GetDns

Since results are returned it's not critical but I thought you might want to know...

Coordinator
Jun 13, 2011 at 2:39 PM

Tested with serials greater than the zones, and less than, but not equal to. So thank you :) I'll fix it.

Chris

Jun 19, 2012 at 9:19 AM

Hi Chris,

Do you think you will have time to fix this? I opened an issue at http://dnsshell.codeplex.com/workitem/506.

Many thanks!