[Pdns-users] SOA serial strange behaviour
Frank Altpeter
frank.altpeter at gmail.com
Thu Jul 26 12:24:44 UTC 2018
Hi,
Brian Candler <b.candler at pobox.com> schrieb am Do., 26. Juli 2018 um
12:36 Uhr:
> p-dns:~ # grep SOA /var/named/slave/floppysheep.com
> @ 432000 SOA koef.zs64.net. hostmaster.zs64.net. 2018072400 86400 3600
> 3888000 300
>
> Which server is that file on? The hidden primary, real primary, or slave?
>
Based on the directory, it's the slave :-)
> Anyway, if I do a query now, it seems to have updated:
>
> correct. This is because I disabled the DEFAULT-SOA-EDIT setting. If I
reenable it. the SOA records are as mentioned again.
After reading more and more of the docs, I think I might have found the
reason for that. It seems that the INCEPTION-INCREMENT value for SOA-EDIT
makes the serial dynamic based on the last time the zone has been signed.
Which is odd, since DNSSEC is not enabled on this zone. So I think powerdns
does auto-increase the serial anyway, based on the current serial, as
mentioned in
https://doc.powerdns.com/authoritative/dnssec/operational.html#inception-increment
but
without the "incremented by two" part, but with "incremented by two days"
part.
However, I don't get why this setting affects non-DNSSEC zones.
It could just be that you don't have notifications configured properly, so
> the slaves (including "real primary" which is really a slave) only update
> periodically. You have a refresh interval of 86400 seconds set, so it could
> take that long for the updates to propagate if notifications aren't working.
>
> Nope :-)
Been there, done that, e.g. manually sent notifications to the slaves to
check that, which works fine, but the serial didn't change by that.
Regards,
Frank
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20180726/7466a942/attachment.html>
More information about the Pdns-users
mailing list