Astaro DNS Zone Transfer problem
There is a bug in the astaro version 7 preventing dns zone transfers.
You can do (and test) a dns zone transfer this way:
dig @<dns-server> -t AXFR <domain>
If you don’t get a large list, you (source ip) aren’t permitted or astaro is used as firewall.
You have to do this:
- Define a new service (Definitions->Services), you cannot edit it. Take the current existing dns-service as reference but change the field “Type of Definition” from “UDP” to “TCP/UDP”. Name it “DNS tmp” or so.
- Change all your packet filter rules which uses the service “DNS” to “DNS tmp”.
- Now you can remove the original (and buggy) service definition and rename yours from “DNS tmp” to “DNS”.
You will now be able to successfully do a dns zone transfer!
