BIND - in loop rewrite zone serial no.

Milan Jeskynka Kazatel KazatelM at seznam.cz
Tue Jan 28 12:16:13 UTC 2020


Hello Emmanuel,



I´m confused about this behavior. 

Why does Bind keep resign zone in a loop over and over in a few minutes? In 
this log strip is it from serial 2020011053 to serial 2020011059 between 11:
51 and 12:08?




Thanks for the explanation.
-- 
Smil Milan Jeskyňka Kazatel

---------- Původní e-mail ----------
Od: bind-users-request at lists.isc.org
Komu: bind-users at lists.isc.org
Datum: 28. 1. 2020 13:03:46
Předmět: bind-users Digest, Vol 3356, Issue 1 
"Send bind-users mailing list submissions to 
bind-users at lists.isc.org 

To subscribe or unsubscribe via the World Wide Web, visit 
https://lists.isc.org/mailman/listinfo/bind-users 
or, via email, send a message with subject or body 'help' to 
bind-users-request at lists.isc.org 

You can reach the person managing the list at 
bind-users-owner at lists.isc.org 

When replying, please edit your Subject line so it is more specific 
than "Re: Contents of bind-users digest..." 


Today's Topics: 

1. BIND - in loop rewrite zone serial no. (Milan Jeskynka Kazatel) 
2. Re: BIND - in loop rewrite zone serial no. (FUSTE Emmanuel) 


---------------------------------------------------------------------- 

Message: 1 
Date: Tue, 28 Jan 2020 10:14:49 +0100 (CET) 
From: "Milan Jeskynka Kazatel" <KazatelM at seznam.cz> 
To: <bind-users at lists.isc.org> 
Subject: BIND - in loop rewrite zone serial no. 
Message-ID: <YyD.6dwT.5V2I6Oea}sX.1UB}k9 at seznam.cz> 
Content-Type: text/plain; charset="utf-8" 


Hello, 



my previous email with the same subject still waiting for moderator 
approval, because email is too big. 

Then I have to ask with a shorter part of the log. 





I?m facing with a suspicious behavior of my authoritative DNS?BIND?9.11.4-P2

-RedHat-9.11.4-9.P2.el7(http://9.11.4-p2-redhat-9.11.4-9.p2.el7/), when the 

application sometimes does a loop of zone serial reconfiguration. In the 
log, it looks like this 






Jan 15 11:51:10 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011053)


Jan 15 11:51:45 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011054)


Jan 15 11:54:55 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011055)


Jan 15 11:58:30 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011056)


Jan 15 11:59:56 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011057)


Jan 15 12:03:58 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011058)


Jan 15 12:04:09 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011059)


Jan 15 12:08:01 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN 
(http://0.10.in-addr.arpa/IN)?(signed): reconfiguring zone keys 







Could you please help me with troubleshooting? 




Best regards,? 
-- 
Smil Milan Jesky?ka Kazatel 
-------------- next part -------------- 
An HTML attachment was scrubbed... 
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200128/384ad
214/attachment-0001.htm> 

------------------------------ 

Message: 2 
Date: Tue, 28 Jan 2020 09:17:54 +0000 
From: FUSTE Emmanuel <emmanuel.fuste at thalesgroup.com> 
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org> 
Subject: Re: BIND - in loop rewrite zone serial no. 
Message-ID: <c819b0fa-18d0-7613-1c9e-2f5db9eccebd at thalesgroup.com> 
Content-Type: text/plain; charset="utf-8" 

Le 28/01/2020 ? 10:14, Milan Jeskynka Kazatel a ?crit?: 
> 
> Hello, 
> 
> my previous email with the same subject still waiting for moderator 
> approval, because email is too big. 
> Then I have to ask with a shorter part of the log. 
> 
> I?m facing with a suspicious behavior of my authoritative DNS BIND 
> 9.11.4-P2-RedHat-9.11.4-9.P2.el7 
> <http://9.11.4-p2-redhat-9.11.4-9.p2.el7/>, when the application 
> sometimes does a loop of zone serial reconfiguration. In the log, it 
> looks like this 
> 
> Jan 15 11:51:10 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011053) 
> Jan 15 11:51:45 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011054) 
> Jan 15 11:54:55 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011055) 
> Jan 15 11:58:30 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011056) 
> Jan 15 11:59:56 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011057) 
> Jan 15 12:03:58 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011058) 
> Jan 15 12:04:09 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial 
> 2020011059) 
> Jan 15 12:08:01 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN 
> <http://0.10.in-addr.arpa/IN>?(signed): reconfiguring zone keys 
> 
> Could you please help me with troubleshooting? 
There is no problems. 
Periodic incremental resigning. 

Emmanuel. 

------------------------------ 

Subject: Digest Footer 

_______________________________________________ 
bind-users mailing list 
bind-users at lists.isc.org 
https://lists.isc.org/mailman/listinfo/bind-users 


------------------------------ 

End of bind-users Digest, Vol 3356, Issue 1 
******************************************* 
"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200128/b58beb20/attachment.htm>


More information about the bind-users mailing list