Where to find detailed info on nsupdate

Kevin Darcy kcd at daimlerchrysler.com
Fri Jan 4 23:32:17 UTC 2002 

Simon Waters wrote:

> Sean Kowal wrote:
> >
> > Does anyone know where I can find (on the web) detailed info on how to
> > use nsupdate along with all of its commands? The man pages are
> > inadequate and every site i've visited seems to give just a few
> > examples on how to use it with no listing of commands. I would like to
> > be able to update things like the SOA RR in ddns zone, etc... Thanx in
> > advance.
>
> No.
>
> Books - DNS & BIND Cricket and Lui is the best I've seen, whilst
> Langfeldt is good on explaining what the bigger picture is.
>
> You can't delete the SOA, so you just add it and the old one
> goes by magic. You have to update the serial number, which may
> make the behaviour non deterministic, as the serial # could
> change whilst you prepare the command if more dynamic updates
> were received, so you need to add a bigger increment than 1, but
> less than 2^31, usual rules.
>
> Making sure your SOA change is meaningful is slightly harder - I
> guess you can change the e-mail address, and various timing
> settings. Whilst you have to update the serial #, you don't
> actually care much about serial # in the dynamic DNS world, as
> it will increase as needed automatically.
>
> dig +short eighth-layer.internal soa
> linux1.eighth-layer.internal. root.linux1.eighth-layer.internal.
> 2001121611 1080
> 0 3600 604800 300
>
> nsupdate -k dnskey/Ktest.+157+00995.key
> > update add eighth-layer.internal. 86400 SOA linux1.eighth-layer.internal. root.com. 2001121612 10900 3500 650000 301
> >
>
> dig +short eighth-layer.internal soa
> linux1.eighth-layer.internal. root.com. 2001121612 10900 3500
> 650000 301

One trap I've fallen into multiple times when trying to update SOA records via nsupdate is that I tend to

a) make a query of the SOA

b) cut-and-paste the results of the above query, changing just the field I want to change, into the nsupdate command.

Of course, this doesn't work -- you have to change both the field you want to modify *and* increment the serial number,
otherwise the nameserver just silently ignores your update.

Just a word of warning...


- Kevin

More information about the bind-users mailing list