[Pdns-users] strange bevaviour of serial increasing

Frank Altpeter frank.altpeter at gmail.com
Thu Apr 25 13:14:27 UTC 2019 

Dear list,

I've come up with a very strange behaviour and after some quite intensive
search, I wasn't able to find any information about that topic.

I'm running a powerdns-4.1.8 with mysql-backend on my master, and a 4.1.8
with mysql-backend on the slave. Master zones are configured as MASTER, so
notifies are sent.

In case it's relevant, the master has the setting
default-soa-edit=INCEPTION-INCREMENT
for convenience. I like the retro-style of the serials. The zones are not
signed, though.

Now, when updating a zone via "pdnsutil edit-zone", I'm currently required
to update the serial afterwards. But after doing that, the serial values
between master and slave are different. As you see in the below example,
it's even different between the database entry and the data that gets
output on a dns query:

- step 1 - manually increase serial
root at master:~ # pdnsutil increase-serial einhorn.bar
SOA serial for zone einhorn.bar set to 2019042505

- step 2 - verify database entry
root at master:~ # echo "select content from records where name =
'einhorn.bar' and type='SOA'" | mysql pdns
content
ns1.foxalpha.de. frank.altpeter.de. 2019042505 10800 3600 604800 3600

root at slave:~ # echo "select content from records where name = 'einhorn.bar'
and type='SOA'" | mysql pdns
content
ns1.foxalpha.de frank.altpeter.de 2019042507 10800 3600 604800 3600

- step 3 - verify dns output
user at workstation ~ % dig +short +noshort @ns1.foxalpha.de einhorn.bar soa
einhorn.bar. 3600 IN SOA ns1.foxalpha.de. frank.altpeter.de. 2019042507
10800 3600 604800 3600

user at workstation ~ % dig +short +noshort @s-dns.irz42.net einhorn.bar soa
einhorn.bar. 3600 IN SOA ns1.foxalpha.de. frank.altpeter.de. 2019042509
10800 3600 604800 3600

You see, serial in master's db is 5, output on dns query is 7, so this is
what slave's AXFR gets, therefore slave's database entry is 7, and slave's
output on dns query is 9.
So, it seems that powerdns is adding 2 to any database serial value. But
why? Problem is, that it makes incredible problems when it comes to serial
update and freshness monitoring. Also, some of my customers that use the
same slave server are using bind, which seems to make lots of problems for
them when slave's serial doesn't match master's serial.

Does anyone have an idea what's wrong here?

-- 
with clueless regards,

        Frank Altpeter

-- 
FA-RIPE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190425/b64065dd/attachment.html>

More information about the Pdns-users mailing list