Monitoring Zonefiletransfer
Barry S. Finkel
bsfinkel at att.net
Wed Feb 19 15:01:49 UTC 2014
>> A few problems i discovered:
>> >- sometimes have a higher serial then all masters have, is this normal on
>> >an AD DNS? or am I doing something wrong i thought this could not happen.
> Only transfer from one AD master. Microsoft AD doesn't maintain
> consistent serials across the servers. The serials should be
> monotonically increasing from a individual server.
>
And when I had BIND slaves for AD masters, when patches were being
applied to the Domain Controllers (i.e., the ONE DC that I had
selected as a master), a zone serial number would decrease. In most
(but not all) cases, after the DC patching was finished, the zone
serial number would go back to "normal". I was not allowed to open a
trouble ticket with Microsoft. Every morning at 7AM I ran a cron to
capture the zone serial numbers on all of the 44+ AD zones on all my
BIND DNS servers.
(I just realized that in my post about a half-hour ago on this
subject, I had forgotten to change the "Subject:" line from the
digest).
--Barry Finkel
More information about the bind-users
mailing list