This is the second time this has happened and I don't understand why...

I have two dns zones; "" and "". Novell DNS runs the "" and MS DNS runs the "". MS servers point to and register in the ad zone. Linux, Unix, and Novell servers point to and get registered in the root zone. Workstations point to the Novell DNS. Novell DNS exists in a cluster and is highly redundant. Both zones perform zone transfers to get the others information so that whatever dns system you query, you can get an answer from (ie. is configured as secondary in Novell, is configured as seconday in MS).

Every so often, the secondary zone "" becomes "corrupt" on the Novell side. RRsets go missing, A records disappear, etc. When this happens to the RRset of the MS DC's, people can no longer log into AD or use AD tools.

Initiating a zone transfer does not fix the problem. Incrementing the serial number does not fix the problem. Deleting the RRset for the DC's from AD, recreating them, and then zone transfer can sometimes fix it but not always (the A records come back for a short time but then go missing in Novell DNS an hour or so later). The best fix is to delete the entire zone from Novell DNS, wait for obits to purge, recreate it, force a zone transfer, wait for it to populate.

Any idea's where I can look?

While the zone transfer occurs, I see lots of 601, 602, malformed transaction, and unable to set file attributes on error messages on my NAMED.nlm screen set with DL=0. Once the zone transfer completes, these errors go away. Not sure if this is normal during the process. A Novell TID says to ignore the malformed transaction errors during heavy zone loadins so I can believe that error is normal during this process.