[Opendnssec-user] zone serial has gone backwards
Volker Janzen
voja at voja.de
Wed Jul 16 16:54:02 UTC 2014
Hi Emil,
OpenDNSSEC unsigned: 201406716002
OpenDNSSEC signed: 1405493501
Serial on the slaves has been: 2960748158 (so 1405493501 < 2960748158
-> backward change)
SignerConfiguration contains
<SOA>
<TTL>PT3600S</TTL>
<Minimum>PT3600S</Minimum>
<Serial>unixtime</Serial>
</SOA>
- Volker
On Wed, 16 Jul 2014 12:52:58 +0300, Emil Natan <shlyoko at gmail.com>
wrote:
> What is the serial number for the unsigned and signed zones? What is
> the serial number for the zone on your slave servers? What is the
> serial configuration for that zone/policy in the kasp.xml file?
>
> Emil
>
> On Wed, Jul 16, 2014 at 10:21 AM, Volker Janzen wrote:
> Hi,
>
> after some time I made an update to one of my signed zones today,
> resulting in this log entry:
>
> Jul 16 08:51:41 a named[14367]: zone EXAMPLE.COM/IN [2]: zone serial
> (1405493501/2960748158) has gone backwards
>
> How can this happen and how can I fix this? The slave DNS servers are
> not picking up the new zonefile.
>
> Greetings,
> Volker
More information about the Opendnssec-user
mailing list