--- Begin Message ---
So a test stealth server was setup with an existing zone. It had a lower
SOA serial than the running one, yet the master accepted a zone transfer
and started using the outdated zone.
The only thing is AXFRs were allowed but not query, so I see the notify
from
the test server and also an AXFR. I thought the master would SOA query but
I don't know what bind does if the SOA query is refused.
I have never had BIND ignore the soa serial in any case except
overrunning/going negative.
The master is running:
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.7
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
