
Dig answer status: REFUSED from secondary server, primary is fine


I have 2 Debian 7 VPS, both running a few services, with ISPConfig running on one of them to manage both.

If I log into my primary server (ns1.example.com) and I do:

dig @ns1.example.com any example.com
dig @ns2.example.com any example.com

ns1 responds fine with all of my records, but ns2 does not:

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @ns2.example.com any example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 45647
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

However, if I log into my secondary server (ns2) and run the same 2 commands, both return the correct DNS records.

I am extremely new to BIND, so I'm struggling a bit with this, but I'm guessing it's just something to do with the network/BIND config, as both servers look like they have all the records; ns2 just isn't passing them to other servers?

Edit: not sure if this would be better on Server Fault now that I've posted it.


Solution

  • The answer is that ns2 is configured differently to ns1.

    Ns1 is refusing your request.
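
One way to locate the configuration difference the answer refers to, added here as an example and not part of the original post: the script pulls the statements that decide who may query a server out of each server's configuration (for instance the output of `named-checkconf -p`) and prints the ones that differ. It assumes the difference lies in `allow-query`, `allow-query-cache`, `allow-recursion`, `recursion` or a view's `match-clients`; the function names and both sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the BIND access-control statements of two servers.

# Constructed sample configs (not the poster's real files).
NS1_CONF='options {
    recursion no;
    allow-query { any; };
};'
NS2_CONF='options {
    recursion no;
    allow-query {
        localhost;
    };
};'

# acl_settings: read named.conf text on stdin and print one normalised
# access-control statement per line, sorted and de-duplicated.
# Limitation: address lists containing nested braces are not handled.
acl_settings() {
    tr '\n\t' '  ' | tr -s ' ' |
    grep -oE '(allow-query|allow-query-cache|allow-recursion|match-clients) ?\{[^}]*\};|recursion (yes|no);' |
    sort -u
}

# acl_diff FILE_A FILE_B: print statements found in only one file,
# prefixed "<" (only in A) or ">" (only in B).
# Returns 0 when the two sets match, 1 when they differ.
acl_diff() {
    a=$(mktemp) && b=$(mktemp) || return 2
    acl_settings < "$1" > "$a"
    acl_settings < "$2" > "$b"
    delta=$(diff "$a" "$b" | grep '^[<>]' || true)
    rm -f "$a" "$b"
    [ -z "$delta" ] && return 0
    printf '%s\n' "$delta"
    return 1
}

# Typical use, with each file saved from `named-checkconf -p` on that server:
#   acl_diff ns1.conf ns2.conf
```

With the sample configs, the only differing statement is `allow-query`: the second server answers `localhost` alone, which would match a reply of REFUSED to remote clients while local queries succeed.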