Zone Not Updating On Master

Kevin Darcy kcd at daimlerchrysler.com
Sat Nov 4 02:31:00 UTC 2006


RickWaukCo wrote:
> I'm trying to make a change to our internal master DNS server that
> serves our internal DNS.  A change was made to the zone file.  The
> serial number was updated.  named was stopped and restarted.  However,
> when I go to check the change, it didn't take effect.
>
> Here's the top of the zone file:
>
> **********
> $TTL 86400
> @       IN SOA  dns.waukeshacounty.gov. root.dns.waukeshacounty.gov. (
>  2006110302     ; Serial Number (yyyymmddnn)
>  7200           ; Refresh Time - 2 Hours
>  1800           ; Retry Interval - 30 Minutes
>  1209600        ; Expire Interval - 2 Weeks
>  86400)         ; TTL - 1 day
> **********
>
> However, when I run this dig command against the master:
>
> **********
> dig soa waukeshacounty.gov @10.100.0.5
> **********
>
> It responds with the following:
>
> **********
> ; <<>> DiG 9.2.0 <<>> soa waukeshacounty.gov @10.100.0.5
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21260
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;waukeshacounty.gov.            IN      SOA
>
> ;; ANSWER SECTION:
> waukeshacounty.gov.     86400   IN      SOA     dns.waukeshacounty.gov.
> root.dns.waukeshacounty.gov. 200611013 7200 1800 1209600 86400
>
> ;; AUTHORITY SECTION:
> waukeshacounty.gov.     86400   IN      NS      dns.waukeshacounty.gov.
> waukeshacounty.gov.     86400   IN      NS
> dns10.waukeshacounty.gov.
>
> ;; ADDITIONAL SECTION:
> dns.waukeshacounty.gov. 86400   IN      A       10.100.0.5
> dns10.waukeshacounty.gov. 86400 IN      A       10.100.0.10
>
> ;; Query time: 0 msec
> ;; SERVER: 10.100.0.5#53(10.100.0.5)
> ;; WHEN: Fri Nov  3 15:38:22 2006
> ;; MSG SIZE  rcvd: 147
> **********
>
> Notice how the serial number in the dig response is older than the
> serial number in the zone file.
>
> I have checked the bind logs and don't see anything in there to
> indicate any problems with the zone file, but I'm guessing there is a
> problem.
>
> Any ideas?  Am I right in that it's probably a typo in the zone file?
> What's the easiest way to find the error?  My zone file is huge (~1200
> lines) and I'm not the one who typically makes changes to it so it's
> hard to say where the typo might be if there is one.
>   
My first thought was that you had "wrapped" the serial number, since the 
new one is 10 digits and the old one is only 9 digits (was that 
intentional?). But a brief review of RFC 1982 leads me to believe that 
since the increment stayed under 2147483647 you should be OK (others are 
welcome to check my math on that).

The only other thing that comes immediately to mind is if Dynamic Update 
(i.e. "allow-update") is enabled for the zone. If that's the case and 
you didn't take steps to prevent it, named might have overwritten your 
manual changes with a journal merge.

                                                                         
                        - Kevin
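
The RFC 1982 check mentioned in the reply above, worked through as an added example (not part of the original post): it compares the old and new serials quoted in the thread using 32-bit serial number arithmetic. The function names are illustrative, not taken from BIND.

```python
# RFC 1982 serial number arithmetic for 32-bit DNS SOA serials.
SERIAL_BITS = 32
MODULUS = 1 << SERIAL_BITS        # 2**32, serials wrap at this value
HALF = 1 << (SERIAL_BITS - 1)     # 2**31
MAX_INCREMENT = HALF - 1          # 2147483647, largest defined addition


def _check(serial):
    if not 0 <= serial < MODULUS:
        raise ValueError(f"serial {serial} does not fit in 32 bits")


def serial_distance(old, new):
    """Forward distance from old to new, modulo 2**32."""
    _check(old)
    _check(new)
    return (new - old) % MODULUS


def serial_compare(s1, s2):
    """Return -1 if s1 < s2, 0 if equal, 1 if s1 > s2, and None when the
    result is undefined (the serials are exactly 2**31 apart)."""
    diff = serial_distance(s1, s2)
    if diff == 0:
        return 0
    if diff == HALF:
        return None
    return -1 if diff < HALF else 1


def is_newer(old, new):
    """True only when new is unambiguously greater than old."""
    return serial_compare(old, new) == -1


if __name__ == "__main__":
    old_serial = 200611013     # serial in the dig answer (9 digits)
    new_serial = 2006110302    # serial in the edited zone file (10 digits)
    print("increment:", serial_distance(old_serial, new_serial))
    print("limit:    ", MAX_INCREMENT)
    print("newer:    ", is_newer(old_serial, new_serial))
```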
