Monitoring Zonefiletransfer

[Dave Warren]

On 2014-02-19 16:06, Barry S. Finkel wrote:

> See MS KB article 282826, where MS documents the handling of zone
> serial numbers in an AD environment.


My experience is that it tends to work pretty well if BIND only points 
to one particular MS DNS server at a time, with a failover script that 
detects when that DNS server goes down and flips to another master (if 
you're worried about such things)

That being said, even without that script and with multiple MS DNS 
masters configured in BIND at once, any issues generally work themselves 
out within 15 minutes or so, once the Active Directory serial number 
update propagates through the MS DNS infrastructure. As described in the 
article, the servers self-increment properly when a slave is detected, 
and occasionally sync up the serial numbers between MS DNS servers 
(again, only moving update).

The only inconsistencies are in those recently added/modified records, 
so if you just plan for 15 minute update times for non-MS secondaries to 
sync up and ignore the periodic "serial is lower than expected" 
warnings, multi-mastering works fine in practice.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren