> On 23 Apr 2020, at 17:31, Petr Bena <petr@bena.rocks> wrote: > > Hello, > > From my experience you don't need to delete whole set, I was actually doing > this quite recently and discovered and interesting behavior of BIND server - > last record you add will override the TTL value for a set. > > So if you add another NS record to a zone, all existing NS records will have > TTL overriden with the last one you add.
Which is a side effect of BIND having a single TTL per RRset as I said below. To use UPDATE to change records on any DNS server please use the methods listed below. The UPDATE message is a bit larger but it is robust. Mark > On 23/04/2020 01:06, Mark Andrews wrote: >> >>> On 23 Apr 2020, at 07:20, Evan Hunt <e...@isc.org> wrote: >>> >>> On Wed, Apr 22, 2020 at 03:04:38PM -0600, @lbutlr via bind-users wrote: >>>> # nsupdate -k /path/to/key >>>>> zone example.com >>>>> ttl 3600 >>>>> send >>>>> ^d >>>> No errors, but no change in the TTL. >>> "ttl 3600" just means "from now on assume I mean ttl 3600 in all the >>> records I send". You didn't actually send an update, so nothing changed.. >>> >>> As far as I can recall, the only way to change a TTL in nsupdate is to >>> delete the whole RRset and then add it back in the same transaction: >>> >>>> zone example.com >>>> ttl 3600 >>>> update del example.com in a >>>> update add example.com in a 192.0.2.1 >>>> update add example.com in a 192.0.2.2 >>>> update add example.com in a 192.0.2.3 >>>> send >> Also don’t forget to add a prerequisite section to ensure you are removing >> the records you think you are. >> >> zone example.com >> ttl 3600 >> prereq yxrrset example.com in a 192.0.2.1 >> prereq yxrrset example.com in a 192.0.2.2 >> prereq yxrrset example.com in a 192.0.2.3 >> update del example.com in a >> update add example.com in a 192.0.2.1 >> update add example.com in a 192.0.2.2 >> update add example.com in a 192.0.2.3 >> send >> >> Also note you can’t do it this way for the NS RRset at top of zone. You >> need to >> delete the NS RRs individually and then add them back without deleting all >> the >> NS at any point in the process as the NS RRset is required to always exist. >> >> Note: named only keeps a single TTL for a RRset so it will update the TTL on >> all >> the records when you add a new one with a different TTL but this is not part >> of >> the UPDATE RFC. >> > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
