DNSSEC zones not updated
Sten Carlsen
stenc at s-carlsen.dk
Wed Jan 22 11:45:34 UTC 2020
Just a basic question, are you querying the master or a slave. If a slave, it could be the notify/transfer.
Thanks
Sten
> On 22 Jan 2020, at 12.11, Jukka Pakkanen <jukka.pakkanen at qnet.fi> wrote:
>
>
> Running BIND 9.14.9 Windows. The zone data is not updated for some reason anymore, and same problem in all our signed zones. Example "gemtrade.fi <http://gemtrade.fi/>":
>
> zone "gemtrade.fi <http://gemtrade.fi/>" {
> type master;
> file "named.gemtrade";
> inline-signing yes;
> auto-dnssec maintain;
> };
>
>
> ;
> ; File: named.gemtrade
> ;
> $TTL 60
> @ IN SOA ns1.qnet.fi <http://ns1.qnet.fi/>. helpdesk.qnet.fi <http://helpdesk.qnet.fi/>. (
> 202001234 ; serial number
> 28800 ; refresh every 12 hours
> 7200 ; retry after 2 hours
> 604800 ; expire after 2 weeks
> 33600) ; default ttl is 2 days
> gemtrade.fi <http://gemtrade.fi/>. IN A 62.142.217.154
> IN MX 55 qntsrv8.qnet.fi <http://qntsrv8.qnet.fi/>.
> IN MX 25 qntsrv9.qnet.fi <http://qntsrv9.qnet.fi/>.
> IN NS ns1.qnet.fi <http://ns1.qnet.fi/>.
> IN NS ns2.qnet.fi <http://ns2.qnet.fi/>.
> IN NS ns3.qnet.fi <http://ns3.qnet.fi/>.
> www IN A 62.142.217.154
> _autodiscover._tcp IN SRV 0 5 443 mail.qnet.fi <http://mail.qnet.fi/>.
> localhost.gemtrade.fi <http://localhost.gemtrade.fi/>. IN A 127.0.0.1
>
>
> Used to work fine, now no matter what change I make to the zone file and reload, it does not show up in queries, but the old data, weeks behind. The SOA & serial numbers *are* updating in the queries, but the actual records not. Example the MX records, currently I have priorities 55 and 25, still inquiries return the old 20 and 20. Same with any records, the changes does not get updated.
>
> Deleting the .jnl file does not help, after "rndc reload gemtrade.fi <http://gemtrade.fi/>" a new .jnl file is created, but queries still return old data.
>
> The named process has all possible rights in the file structure.
>
> What might be wrong?
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users> to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200122/ff4ef54d/attachment-0001.htm>
More information about the bind-users
mailing list