Quantcast
Viewing all articles
Browse latest Browse all 44

Answer by Matija Nalis for Slave serial number 5 more than master DNS server

Slave only gets data from master. So if slave has serial 123456 that is because master once upon a time sent it zone with serial 123456. In other words, somebody some time in the past put the wrong (high) serial on the master and slave picked it up, and after that moment slave will refuse all updates with serial smaller than the one it has. Somebody noticed the error and corrected serial on master, but (s)he was too late as changes already propagated.

Possible solutions are:

  1. (better) update the master to have new serial which is higher than all serials on all slaves. It will then propagate and fix all slaves automatically. Unfortunately it might mean giving up on recommended YYYYMMDDX format for serial (or not - depending on the exact problem. It could be fixed later with wraparound fix).

  2. (worse) manually remove zones on corrupted slaves and restart their nameservers. They will then fetch the zone with serial from master and be ok. But note that in this case caching nameservers around the world will keep stale data for time specified in SOA record which might be a problem, depending on your case.


Viewing all articles
Browse latest Browse all 44

Trending Articles