[Opendnssec-user] zone serial has gone backwards
Volker Janzen
voja at voja.de
Wed Jul 16 17:10:44 UTC 2014
Hi,
no I wasn't aware of this. I can't remember a problem serving this SOA style.
Can I simply lower the SOA in the unsigned zone, or will this cause problems with OpenDNSSEC?
Volker
> Am 16.07.2014 um 18:56 schrieb Rick van Rein <rick at openfortress.nl>:
>
> Hi,
>
>> OpenDNSSEC unsigned: 201406716002
>> OpenDNSSEC signed: 1405493501
>
> You are aware that the unsigned value is over 2^32, right?
>
> Also, there is no guarantee that the signer always outputs a higher value than what it receives as its input. The SOA serial synchronisation is between a pair of client and server, it is not a global value.
>
> -Rick
More information about the Opendnssec-user
mailing list