BIND - in loop rewrite zone serial no.
Milan Jeskynka Kazatel
KazatelM at seznam.cz
Tue Jan 28 12:16:13 UTC 2020
Hello Emmanuel,
I´m confused about this behavior.
Why does Bind keep resign zone in a loop over and over in a few minutes? In
this log strip is it from serial 2020011053 to serial 2020011059 between 11:
51 and 12:08?
Thanks for the explanation.
--
Smil Milan Jeskyňka Kazatel
---------- Původní e-mail ----------
Od: bind-users-request at lists.isc.org
Komu: bind-users at lists.isc.org
Datum: 28. 1. 2020 13:03:46
Předmět: bind-users Digest, Vol 3356, Issue 1
"Send bind-users mailing list submissions to
bind-users at lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/bind-users
or, via email, send a message with subject or body 'help' to
bind-users-request at lists.isc.org
You can reach the person managing the list at
bind-users-owner at lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of bind-users digest..."
Today's Topics:
1. BIND - in loop rewrite zone serial no. (Milan Jeskynka Kazatel)
2. Re: BIND - in loop rewrite zone serial no. (FUSTE Emmanuel)
----------------------------------------------------------------------
Message: 1
Date: Tue, 28 Jan 2020 10:14:49 +0100 (CET)
From: "Milan Jeskynka Kazatel" <KazatelM at seznam.cz>
To: <bind-users at lists.isc.org>
Subject: BIND - in loop rewrite zone serial no.
Message-ID: <YyD.6dwT.5V2I6Oea}sX.1UB}k9 at seznam.cz>
Content-Type: text/plain; charset="utf-8"
Hello,
my previous email with the same subject still waiting for moderator
approval, because email is too big.
Then I have to ask with a shorter part of the log.
I?m facing with a suspicious behavior of my authoritative DNS?BIND?9.11.4-P2
-RedHat-9.11.4-9.P2.el7(http://9.11.4-p2-redhat-9.11.4-9.p2.el7/), when the
application sometimes does a loop of zone serial reconfiguration. In the
log, it looks like this
Jan 15 11:51:10 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011053)
Jan 15 11:51:45 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011054)
Jan 15 11:54:55 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011055)
Jan 15 11:58:30 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011056)
Jan 15 11:59:56 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011057)
Jan 15 12:03:58 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011058)
Jan 15 12:04:09 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011059)
Jan 15 12:08:01 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
(http://0.10.in-addr.arpa/IN)?(signed): reconfiguring zone keys
Could you please help me with troubleshooting?
Best regards,?
--
Smil Milan Jesky?ka Kazatel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200128/384ad
214/attachment-0001.htm>
------------------------------
Message: 2
Date: Tue, 28 Jan 2020 09:17:54 +0000
From: FUSTE Emmanuel <emmanuel.fuste at thalesgroup.com>
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Re: BIND - in loop rewrite zone serial no.
Message-ID: <c819b0fa-18d0-7613-1c9e-2f5db9eccebd at thalesgroup.com>
Content-Type: text/plain; charset="utf-8"
Le 28/01/2020 ? 10:14, Milan Jeskynka Kazatel a ?crit?:
>
> Hello,
>
> my previous email with the same subject still waiting for moderator
> approval, because email is too big.
> Then I have to ask with a shorter part of the log.
>
> I?m facing with a suspicious behavior of my authoritative DNS BIND
> 9.11.4-P2-RedHat-9.11.4-9.P2.el7
> <http://9.11.4-p2-redhat-9.11.4-9.p2.el7/>, when the application
> sometimes does a loop of zone serial reconfiguration. In the log, it
> looks like this
>
> Jan 15 11:51:10 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011053)
> Jan 15 11:51:45 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011054)
> Jan 15 11:54:55 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011055)
> Jan 15 11:58:30 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011056)
> Jan 15 11:59:56 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011057)
> Jan 15 12:03:58 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011058)
> Jan 15 12:04:09 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
> 2020011059)
> Jan 15 12:08:01 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
> <http://0.10.in-addr.arpa/IN>?(signed): reconfiguring zone keys
>
> Could you please help me with troubleshooting?
There is no problems.
Periodic incremental resigning.
Emmanuel.
------------------------------
Subject: Digest Footer
_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
------------------------------
End of bind-users Digest, Vol 3356, Issue 1
*******************************************
"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200128/b58beb20/attachment.htm>
More information about the bind-users
mailing list