dns_update_log shows dynamic entries deleted

[Simon Hobson]

dave c <dhcp at gvtc.drakkar.org> wrote:

> Dynamic DNS updates are written to a local cache for the zone. I don't know if that cache will always persist through having DNS restarted, but I'd suggest that as it's dynamic, it's not designed to be persistent in the DNS zone. Otherwise it would be in a DNS zone file :)

All wrong, sorry.
When you have a dynamic zone in BIND, then BIND does in fact update *the* zone file - including incrementing the SOA serial number. It does keep a journal file (<zone>.jnl), but that's for a different purpose.
This means that you cannot "edit the file and reload it" to manually update a dynamic zone - you'll lose your edits if you try. You have to do it one of 3 ways :
1) Use nsupdate
2) stop BIND, delete the journal file, edit the file, start BIND
3) Freeze the zone (rndc freeze domain.tld), edit the file, unfreeze the zone.

The journal file is used to keep multiple versions. When a slave requires a zone transfer to bring itself up to date, it will try and do an incremental transfer to save bandwidth. The master uses the information in the journal file to be able to send the increments from the zone the slave holds, and the current version held by the master.

Other than a small window (I suspect BIND does in fact cache some updates in memory for a short time before writing them to disk, and then there'll be OS caching), you can "pull the plug" on BIND and it won't lose updates.