IXFR and lost (?) updates of a TTL
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Apr 24 10:16:57 UTC 2006
We experienced a curious BIND bug on slave machines which use IXFR to
transfer from a BIND master. The TTL on the NS records were
changed. While the master had:
$TTL 172800
wf IN SOA nsmaster.nic.fr. hostmaster.nic.fr. (
2006022800
3600
1800
3600000
5400
)
NS a.ext.nic.fr.
NS a.nic.fr.
NS b.ext.nic.fr.
NS b.nic.fr.
NS c.nic.fr.
NS d.ext.nic.fr.
NS e.ext.nic.fr.
NS e.nic.fr.
The IXFR slaves had:
$ORIGIN .
$TTL 172800 ; 2 days
wf IN SOA nsmaster.nic.fr. hostmaster.nic.fr. (
2006022800 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
3600000 ; expire (5 weeks 6 days 16 hours)
5400 ; minimum (1 hour 30 minutes)
)
$TTL 345600 ; 4 days
NS a.ext.nic.fr.
NS a.nic.fr.
NS b.ext.nic.fr.
NS b.nic.fr.
NS c.nic.fr.
NS d.ext.nic.fr.
NS e.ext.nic.fr.
NS e.nic.fr.
[Note the spurious $TTL.]
'rndc retransfer $ZONE' fixed the problem but I wonder if it may comes
back. Can ".jnl" files get corrupted? Any tool to scrutinize them?
The slaves which used AXFR (like a nsd box) were not affected.
More information about the bind-users
mailing list