bind 9 goes rogue and reverts zone information

Mukund Sivaraman muks at isc.org
Tue Feb 7 14:42:03 UTC 2017


Hi Raul

On Tue, Feb 07, 2017 at 12:03:40PM -0200, Raul Dias wrote:
> Hello,
> 
> I have a very strange behavior that I am failing to understand.
> 
> 2 to 5 times a week, a named server reverts back to a previous version of a
> master zone.
> This happens during the night, usually around 20h EST.
> 
> This zone has a serial of 3017020401 (yes, I typoed the 3 somewhere in the
> past).
> When it reverts its zone information, it goes back to 3016060101.
> 
> I have updated, restarted the host, cleaned all cache and journal files, grepped
> all files in the host for 3016060101 (just shows up in the logs).
> 
> So, I have no clue why, or how it is happening. Where does it get the old
> information?
> 
> I thought first about the serial, but it would have happened in the past
> too, right?  As it should be a 32bit unsigned integer, it shouldn't be a
> problem, IMHO.
> 
> Yet, when "dig domain -t SOA @server", it is there again.
> 
> The host is a Debian Jessie and bind is 9.9.5, 1:9.9.5.dfsg-9+deb8u8 more
> specifically.

When you say "When it reverts its zone information", how are you
observing it? Are you reading the master file from disk to check what's
in it, or are you doing a dig for the SOA record to check the serial?
By this, I'm asking if your master file is in sync with the journal if
you're reading it directly (rndc sync).

After the zone has a serial of 3017020401, is it updated in any way?  Do
you run any rndc commands against the nameserver during this time?

Is the serial value 3016060101 of any significance? You say it "reverts
back to a previous version". Was 3016060101 a previously observed
serial? What happens to the contents of the zone? Are the contents the
same, or do they appear to have older data?

When you clean journal files, have they been sync'd into the master
file?

You mention again "get the old information".. does it mean that you
noticed that the zone contains old data? How are you checking the
contents? Directly by reading the master file or via query?

Can you send the output of named-checkconf -px for your named config?
If you want details to be private, you can create a bug ticket by
mailing it to <bind9-bugs at isc.org>.

		Mukund