Signed zone does not get updated 'receive_secure_serial: not exact'
Mark Andrews
marka at isc.org
Wed Dec 26 22:31:57 UTC 2012
In message <0FAC2F01-3384-45DA-8AD9-738FB175B4EC at leuxner.net>, Thomas Leuxner writes:
> Hi,
>
> I'm having the problem that after rolling a dynamic update on one of the
> zones - a newly signed zone - the signed zone does not get updated, but
> mocks about the serial being 'not exact'.
The above sentence is not proper English which makes it hard to determine
what you actually did.
It is not mocking about the serial being 'not exact'. What it is
complaining about is that when the change you just applied to the
unsigned version of the zone is applied to the signed version it
found one of:
* the record to be removed was not there
* the record to be aded was already there
This means that the two versions of the zone have become unsyncronized.
> Dec 26 07:39:26 spectre named[23831]: client 188.138.3.243#16192/key =
> tlx.leuxner.net: signer "tlx.leuxner.net" approved
> Dec 26 07:39:26 spectre named[23831]: client 188.138.3.243#16192/key =
> tlx.leuxner.net: updating zone 'leuxner.net/IN':deleting rrset at =
> '2012._domainkey.leuxner.net' TXT
> Dec 26 07:39:26 spectre named[23831]: client 188.138.3.243#16192/key =
> tlx.leuxner.net: updating zone 'leuxner.net/IN': adding an RR at =
> '2012._domainkey.leuxner.net' TXT
> Dec 26 07:39:26 spectre named[23831]: zone leuxner.net/IN (signed): =
> receive_secure_serial: not exact
>
> What am I doing wrong (9.9.2-P1)?
>
> Regards
> Thomas
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list