DNSSEC zones not updated

Jukka Pakkanen jukka.pakkanen at qnet.fi
Wed Jan 22 11:11:05 UTC 2020

Running BIND 9.14.9 Windows.   The zone data is not updated for some reason anymore, and same problem in all our signed zones. Example "gemtrade.fi":

zone "gemtrade.fi" {
    type master;
    file "named.gemtrade";
    inline-signing yes;
    auto-dnssec maintain;

;    File:      named.gemtrade
$TTL 60
@        IN SOA    ns1.qnet.fi. helpdesk.qnet.fi. (
              202001234  ; serial number
              28800      ; refresh every 12 hours
              7200       ; retry after 2 hours
              604800     ; expire after 2 weeks
              33600)     ; default ttl is 2 days
gemtrade.fi.        IN A
                             IN MX     55 qntsrv8.qnet.fi.
                IN MX     25 qntsrv9.qnet.fi.
                             IN NS     ns1.qnet.fi.
                             IN NS     ns2.qnet.fi.
                             IN NS     ns3.qnet.fi.
www             IN A   
_autodiscover._tcp      IN SRV    0 5 443 mail.qnet.fi.
localhost.gemtrade.fi.       IN A

Used to work fine, now no matter what change I make to the zone file and reload, it does not show up in queries, but the old data, weeks behind.  The SOA & serial numbers *are* updating in the queries, but the actual records not.  Example the MX records, currently I have priorities 55 and 25, still inquiries return the old 20 and 20. Same with any records, the changes does not get updated.

Deleting the .jnl file does not help, after "rndc reload gemtrade.fi" a new .jnl file is created, but queries still return old data.

The named process has all possible rights in the file structure.

What might be wrong?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200122/2d063942/attachment.htm>

More information about the bind-users mailing list