Event ID 6523 — DNS Server Zone Transfer
Applies To: Windows Server 2008 R2
.jpg)
Domain Name System (DNS) enhances fault tolerance and load balancing by providing for server redundancy. For any given zone, a DNS server can act as a primary master server, which is the authority for a zone, or as a secondary server, which obtains its zone data from the zone's primary master server or another secondary server. This process is known as zone transfer.
Event Details
| Product: | Windows Operating System |
| ID: | 6523 |
| Source: | Microsoft-Windows-DNS-Server-Service |
| Version: | 6.1 |
| Symbolic Name: | DNS_EVENT_XFR_MASTER_UNAVAILABLE |
| Message: | Zone %1 failed zone refresh check. Unable to connect to master DNS server at %2 to receive zone transfer. Check that the zone contains correct IP address for the master server or if network failure has occurred. For more information, see "To update the master server for a secondary zone" in the online Help. If available, you can specify more than one master server in the list for this zone. |
Resolve
Check the master DNS server
If a zone transfer for a secondary zone on the local DNS server is failing, check that the zone is configured to use the correct master server.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To check the master server for a secondary zone:
- On the secondary DNS server, open DNS Manager. To open DNS Manager, click Start, click Administrative Tools, and then click DNS.
- In the console tree, expand the secondary DNS server, and then expand the folder that contains the zone.
- Right-click the zone, and then click Properties.
- On the General tab, confirm that the Master Servers list contains one or more servers that are authoritative for the zone.
- Click Edit, and then confirm that the IP addresses of the listed servers have been validated.
If the configuration of the zone at the master DNS server appears to be correct, ensure that the master DNS server is functioning properly and that it can be accessed by the secondary DNS server.
Verify
Verify that all DNS servers that are authoritative for a zone have the same serial number for the zone.
To view the serial number for a zone:
- On the DNS server, open DNS Manager. To open DNS Manager, click Start, click Administrative Tools, and then click DNS.
- In the console tree, right-click DNS, and then click Connect to DNS Server.
- Click The following computer, type the DNS name or IP address of the authoritative DNS server, and then click OK.
- In the console tree, expand the DNS server, and then expand the folder that contains the zone.
- Right-click the zone, and then click Properties.
- Click the Start of Authority tab, and note the value in Serial number.
Note: If dynamic updates are enabled for the zone, or if an administrator changes the zone between the time that you check the master and secondary servers, the serial number on the master server can be slightly higher than the number on secondary servers.