gitnamed, a project to manage name server by git
Dave Warren
lists at hireahit.com
Wed Jan 9 00:01:39 UTC 2013
On 1/8/2013 13:48, Mike Hoskins (michoski) wrote:
> Thanks for sharing both.
>
> Like the built-in sanity checks...Wonder why the fedora folks don't
> automate the serial number update, since in my experience that seems to be
> one of the top silly mistakes with BIND updates?
>
> Our push process sets that to the mtime of the zone for non-dynamic zones,
> which seems to work well except for the occasional DNS validation tool
> baulking that we're not using YYYYMMDDNN format. :-)
When I built my DNS zone creator, I got tired of users complaining that
their zones has "errors" and so I re-coded my serials to start with YYYY
followed by six digits based on the current date/time.
Oddly, that seems to fool most (although not all) of the DNS validation
tools out there, despite the fact that I generate things like 2012804572
which doesn't exactly have a "valid" MM or dd.
I've given up contacting so-called validation tools and asking them to
remove warnings about valid serials, they seem happier reporting
non-errors, and at best they'll return a "Not standard, but I guess it's
okay". It's a shame too, as these tools can provide a sanity check.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
More information about the bind-users
mailing list