BIND problem
Barry Margolin
barmar at genuity.net
Wed Aug 1 22:41:30 UTC 2001
In article <9k7h27$aki at pub3.rc.vix.com>, <Mark.Andrews at nominum.com> wrote:
>
>> In article <9jn80h$b3j at pub3.rc.vix.com>,
>> <Suzanne.VanPatten at Gunter.AF.mil> wrote:
>> >
>> >Seems like your serial number is too big (out of bound), take off final
>> >digit, it should work (2001072514)
>>
>> No, that's not the problem; BIND simply lets it overflow, computing
>> <serial> mod 2^32.
>
> No. BIND 9 does detect overflow and reports a range error.
Wow, that's going to screw lots of sites, although probably not as many as
were affected when the default for check-names changed. But the fix is
more difficult than just adding an option to named.conf -- they'll have to
go through all the affected zone files. But they can't just remove the
extra digit, because this will cause the slaves to complain "serial# <
ours"; they'll have to figure out what serial number the old one overflowed
to, add 2^31-1 to that, wait for the zone to propagate, then set it to what
they want.
And they can't use the old "set the serial# to 0" trick, because you got
rid of that in BIND 8.2.
Do the BIND 9 installation instructions warn about this for people
upgrading from BIND 8 or lower? IMHO, incompatibilities like this should
be in BIG BOLD LETTERS. Especially when the error message is so unclear
(the log message that the OP posted mentions the line *after* the serial
number -- and don't give me any bullshit about the "near" qualifier,
because I don't think most admins will figure out that this is what you
meant on their own).
--
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list