Not at "wits end" but still a bit confused......

Barry Margolin barmar at alum.mit.edu
Tue Apr 22 00:55:42 UTC 2008


In article <fuheb4$2aut$1 at sf1.isc.org>,
 Martes G Wigglesworth <martes at mgwigglesworth.com> wrote:

> I have run named -g and the following is the result and I think that I
> was using a serial that was out of range.  I have not seen anything
> referencing such cases.  Maybe I did not notice it in the docs, however,
> what is the standard for serial length?  I had to remove the year from
> the serial, and the file loaded correctly, of which I guess it was not,
> in previous cases.

Serial is a 32 bit, unsigned integer.  2^32 is about 4*10^10.  A 
popular format for serials is YYYYMMDDnn.  This allows you to make 100 
changes to the zone in a day (an average of 4 changes/hour), which is 
enough for most sites.

This scheme will not overflow the size of the serial for over 2,000 
years.  Removing the year from the serial is NOT a good idea, because 
you'll be screwed when the year changes.  Instead, get rid of the time 
of day.

> 
> Thanks for the assistance. I am not sure why named -g did not pick up
> the bad domain origin line, however, I guess it was paying more
> attention to the "out of range" serial number.

There's nothing wrong with the origin line itself.  The problem is that 
the SOA record ends up being for the wrong domain.  You should have seen 
complaints about no SOA record for the zone.

> 
> All is running smoothly after I removed the 20 from 2008 in the serial,
> and made the change of adding the root "." to the end of the origin
> declaration.  I am sure it would have given me some weird issues as well.
> I made the changes to the other zone file serials, and they are
> functioning as well.
> 
> Thanks again. 
> 
> 
> 
> 
> On Mon, 2008-04-21 at 01:56 -0400, Barry Margolin wrote:
> > In article <fuh8l0$1oah$1 at sf1.isc.org>,
> >  Martes G Wigglesworth <martes at mgwigglesworth.com> wrote:
> > 
> > > I am having trouble resolving my authoritative domain(s).  I am still in
> > > the test phase, however, I am a bit stumped.  I have not finished
> > > re-evaluating all aspects of my file(s), however, I wanted to shoot an
> > > email just in case someone sees a problem prior to my finishing my
> > > analysis of the dysfunctionality.  I have stopped and restarted named
> > > about five times in the last five hours, and I have seen no difference
> > > in functionality, aside from a brief period of resolution, where I
> > > received no address entry in the "question section." section of the
> > > response. I have been attempting to get my own domain(s) working,
> > > however, I threw in example.com just for testing, and nothing other
> > > than root server inquiries from the internet work through my name
> > > server(s). I have listed it below my zone file.
> > > 
> > > I would appreciate some assistance, because I don't see why the simple
> > > file is not resolving anything.
> > > 
> > > My zone file, ".../master/example.net" is listed below:
> > > 
> > > /*********************ZONE*FILE**********************/
> > > cat /etc/namedb/master/example.com
> > > $TTL 86400
> > > $ORIGIN example.com
> > 
> > Either remove the $ORIGIN directive, or change it to
> > 
> > $ORIGIN example.com.
> > 
> > The origin you specified is example.com.example.com.
> > 
> > I'm surprised you didn't get log messages telling you that you don't 
> > have an SOA record at the zone top.  Or did you even check your log?
> >

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
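
The two zone-file problems discussed in this thread (a serial that does not fit in 32 bits, and a `$ORIGIN` without the trailing dot), as an added example that is not part of the original post. The function names are hypothetical, the date-plus-time serial is a constructed value, and the origin check only covers a `$ORIGIN` placed before the SOA record.

```python
# Added example: pre-load sanity checks for the two issues in this thread.
UINT32_MAX = 2**32 - 1  # the SOA serial is a 32-bit unsigned integer


def serial_fits(serial: str) -> bool:
    """True if the serial text is all ASCII digits and fits in 32 bits."""
    return serial.isascii() and serial.isdigit() and int(serial) <= UINT32_MAX


def effective_origin(directive_value: str, current_origin: str) -> str:
    """Name a $ORIGIN value denotes: absolute if it ends in '.',
    otherwise relative to the origin in effect (initially the zone name)."""
    if directive_value.endswith("."):
        return directive_value.lower()
    return f"{directive_value}.{current_origin}".lower()


def check_zone(zone_name: str, origin_value: str, serial: str) -> list[str]:
    """Return human-readable problems; an empty list means both checks pass."""
    problems = []
    origin = effective_origin(origin_value, zone_name)
    if origin != zone_name.lower():
        problems.append(
            f"$ORIGIN {origin_value} expands to {origin}; an SOA at '@' "
            f"would not be at the zone top {zone_name}"
        )
    if not serial_fits(serial):
        problems.append(f"serial {serial} exceeds {UINT32_MAX}")
    return problems


if __name__ == "__main__":
    # Constructed inputs: date+time serial and the unterminated origin.
    for problem in check_zone("example.com.", "example.com", "200804220055"):
        print("PROBLEM:", problem)
    # A YYYYMMDDnn serial with a dot-terminated origin passes both checks.
    print(check_zone("example.com.", "example.com.", "2008042200"))
```
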

