[Opendnssec-user] Changing serial number type

Robert Martin-Legene robert at dk-hostmaster.dk
Thu Sep 23 15:35:58 UTC 2010


Jonathan Stanton wrote:
> On a similar line, but slightly off OpenDNSSEC topic, we currently host a zone file at our hosting centre which is then picked up by a 3rd party DNS hosting partner, who provides our public DNS service.  What is the best way to manage the change of serial number formats in this scenario?  I am thinking that it is to get them to restart their front end DNS servers?
>   

The best way is to not have involve your provider. RFC1982 works.
Well ok, I really only tested on NSD and BIND9.

To force your serial backwards:

* Take your current serial and add 2^31 - 1
* HUP your primary.
* Wait for it to propagate to all auth servers
* Change your serial to the lower serial that you desire.
* HUP your primary.
* Make sure it propagates.

Kind regards,

  Robert, .dk

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20100923/72beb99f/attachment.bin>


More information about the Opendnssec-user mailing list