I was wondering if there was any significance in the SOA serial value....
$ date --date='@1297117089'
Tue Feb 8 00:18:09 SAST 2011
$ date --date='@1762233707'
Tue Nov 4 07:21:47 SAST 2025
...so nope (but sort of close?)
Personally - I try and use a YYYYMMDDxx format in my SOA Serial number -
so in an easily understandable human readable format (as long as there
are no more than 99 updates in a day - or one change every 15 minute
clock tick). Another option is the current seconds since Unix epoch -
which is what I thought might be going on. That could work for very busy
or dynamic zones.
It then allows for simple sanity checking of the SOA Serial number based
on the current date (and time) - before telling your authoritative
nameserver software a change has happened.
Years ago - I had to rotate an SOA Serial past 2^31, negative and down,
past Zero to the format we wanted when an uncontrolled SOA update
happened. Pain in the rear end.
Anyway - the Secondaries will only update again once the Primary SOA
Serial number is "bigger" than they are.
On 12/17/20 8:56 PM, Bruce Johnson wrote:
Someone updated out name server and messed up the serial number on the primary;
as a result our secondaries are not updating properly.
Primary:
bruces-Mac-Mini:~ johnson$ dig @elixir.pharmacy.arizona.edu -t SOA +noall
+answer pharmacy.arizona.edu
pharmacy.arizona.edu. 86404 IN SOA elixir.pharmacy.arizona.edu.
wunz.elixir.pharmacy.arizona.edu. 1297117089 3600 120 1209600 86400
Secondaries:
bruces-Mac-Mini:~ johnson$ dig @dhbns1.pharmacy.arizona.edu -t SOA +noall
+answer pharmacy.arizona.edu
pharmacy.arizona.edu. 86404 IN SOA elixir.pharmacy.arizona.edu.
wunz.elixir.pharmacy.arizona.edu. 1762233707 3600 120 1209600 86400
bruces-Mac-Mini:~ johnson$ dig @ns-remote.arizona.edu -t SOA +noall +answer
pharmacy.arizona.edu
pharmacy.arizona.edu. 86404 IN SOA elixir.pharmacy.arizona.edu.
wunz.elixir.pharmacy.arizona.edu. 1762233707 3600 120 1209600 86400
Is the fix here just setting the serial number on the primary to 1762233708 ?
The various things online I’ve found are all based on “you accidentally set the
primary more than 2^32 ahead” so you have to do a bunch of modulo arithmetic...
--
Mark James ELKINS - Posix Systems - (South) Africa
m...@posix.co.za Tel: +27.826010496 <tel:+27826010496>
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
<https://ftth.posix.co.za>
Posix SystemsVCARD for MJ Elkins
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
