[Opendnssec-user] serial number decreased in signed zone in 1.4.0a2
Matthijs Mekking
matthijs at nlnetlabs.nl
Wed Jul 25 08:41:35 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/24/2012 05:49 PM, Paul Wouters wrote:
> On Tue, 24 Jul 2012, Matthijs Mekking wrote:
>
>> What serial arithmetic do you use (<SOA><Serial>)?
>
> unixtime
>
>> Valid reasons for the serial decreasing might be loss/corruption
>> of back up file.
>
> I surely deleted backup/tmp files in /var/opendnssec in the last
> half year, so those files for colah.ca did get lost. But shouldn't
> unixtime increase over time regardless? I am not sure why a zone
> signed on July 24 would end up with 2012011518 as serial number?
There is a rule that if there exist no state for a zone, it takes the
input serial + 1, or the unixtime/datecounter/..., whichever is
greater. This is to move your unsigned zone towards OpenDNSSEC more
easier.
However, that still does not explain why it is 2012011518.
Best regards,
Matthijs
>
> Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJQD7E/AAoJEA8yVCPsQCW5LkIH/074Rixc9SgeWLsjKmFfM721
xa3io4P8w+6bZDoNU3dkJd62Ff55KqdQY1XRaNK9X1SXjQjCalEfVQ7XPUvwqR0V
WuDHb8b8sMCWAYXIAV9ev2BwaDsL6zhW23qQj7vhR15JcwZSQkrmPZl6fg6SlXVp
QivmjhYOLqaodoQ9cpvYdYag3AJQtVLfwvU4NtnPvothMApmxWwpVRU1/XzSY0DU
ebZPOqpvHK+aJx/8TUVCZN6Ys66M3uNd+o/hxRfME4kB8Kwaw0H8+GdJamDzwY28
zeC4YOO1Ff5uj0KJHAxsBuepQi8LTNWpZett6kPD9SrsgKD8ZMcnxtm4ie639R0=
=1+PM
-----END PGP SIGNATURE-----
More information about the Opendnssec-user
mailing list