dynamic update to SOA records
Tony Finch
dot at dotat.at
Tue May 1 18:16:27 UTC 2012
Chris Thompson <cet1 at cam.ac.uk> wrote:
> Our regular DNS changes (via [scripted] nsupdate) always add the SOA
> explicitly (it's going to change anyway, after all), setting the serial
> to the Unix time(2) value. BIND may have been incrementing the serial
> itself as a result of re-signing activity, but we assume it hasn't
> been doing so as often as once a second...
My nsdiff script can set the serial number to unix time or YYYYMMDDNN; if
that's too small it falls back to increment mode. There's still a bug,
though: lack of support for proper modulo semantics :-) It also uses the
SOA record as an update prerequisite for detecting races and other
inconsistencies. (The system Chris is responsible for uses an HINFO record
for this purpose.)
http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/conf/bind/bin/nsdiff
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Hebrides: North or northeast 4 or 5. Slight or moderate. Fair. Good.
More information about the bind-users
mailing list