BIND - in loop rewrite zone serial no.

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Jan 28 12:28:15 UTC 2020 

On 28.01.20 13:16, Milan Jeskynka Kazatel wrote:
>Hello Emmanuel,

I am not Emmanuel.

>I´m confused about this behavior. 
>
>Why does Bind keep resign zone in a loop over and over in a few minutes? In
>this log strip is it from serial 2020011053 to serial 2020011059 between 11:
>51 and 12:08?

don't you use dynamic updated? Don't your clients or DHCP server update
reverse zone 0.10.in-addr.arpa ?

>---------- Původní e-mail ----------
>Od: bind-users-request at lists.isc.org
>Komu: bind-users at lists.isc.org
>Datum: 28. 1. 2020 13:03:46
>Předmět: bind-users Digest, Vol 3356, Issue 1
>"Send bind-users mailing list submissions to
>bind-users at lists.isc.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>https://lists.isc.org/mailman/listinfo/bind-users
>or, via email, send a message with subject or body 'help' to
>bind-users-request at lists.isc.org
>
>You can reach the person managing the list at
>bind-users-owner at lists.isc.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of bind-users digest..."
>
>
>Today's Topics:
>
>1. BIND - in loop rewrite zone serial no. (Milan Jeskynka Kazatel)
>2. Re: BIND - in loop rewrite zone serial no. (FUSTE Emmanuel)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Tue, 28 Jan 2020 10:14:49 +0100 (CET)
>From: "Milan Jeskynka Kazatel" <KazatelM at seznam.cz>
>To: <bind-users at lists.isc.org>
>Subject: BIND - in loop rewrite zone serial no.
>Message-ID: <YyD.6dwT.5V2I6Oea}sX.1UB}k9 at seznam.cz>
>Content-Type: text/plain; charset="utf-8"
>
>
>Hello,
>
>
>
>my previous email with the same subject still waiting for moderator
>approval, because email is too big.
>
>Then I have to ask with a shorter part of the log.
>
>
>
>
>
>I?m facing with a suspicious behavior of my authoritative DNS?BIND?9.11.4-P2
>
>-RedHat-9.11.4-9.P2.el7(http://9.11.4-p2-redhat-9.11.4-9.p2.el7/), when the
>
>application sometimes does a loop of zone serial reconfiguration. In the
>log, it looks like this
>
>
>
>
>
>
>Jan 15 11:51:10 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011053)
>
>
>Jan 15 11:51:45 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011054)
>
>
>Jan 15 11:54:55 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011055)
>
>
>Jan 15 11:58:30 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011056)
>
>
>Jan 15 11:59:56 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011057)
>
>
>Jan 15 12:03:58 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011058)
>
>
>Jan 15 12:04:09 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): sending notifies (serial 2020011059)
>
>
>Jan 15 12:08:01 mydnsserver01 named[1172]: zone?0.10.in-addr.arpa/IN
>(http://0.10.in-addr.arpa/IN)?(signed): reconfiguring zone keys
>
>
>
>
>
>
>
>Could you please help me with troubleshooting?
>
>
>
>
>Best regards,?
>--
>Smil Milan Jesky?ka Kazatel
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200128/384ad
>214/attachment-0001.htm>
>
>------------------------------
>
>Message: 2
>Date: Tue, 28 Jan 2020 09:17:54 +0000
>From: FUSTE Emmanuel <emmanuel.fuste at thalesgroup.com>
>To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
>Subject: Re: BIND - in loop rewrite zone serial no.
>Message-ID: <c819b0fa-18d0-7613-1c9e-2f5db9eccebd at thalesgroup.com>
>Content-Type: text/plain; charset="utf-8"
>
>Le 28/01/2020 ? 10:14, Milan Jeskynka Kazatel a ?crit?:
>>
>> Hello,
>>
>> my previous email with the same subject still waiting for moderator
>> approval, because email is too big.
>> Then I have to ask with a shorter part of the log.
>>
>> I?m facing with a suspicious behavior of my authoritative DNS BIND
>> 9.11.4-P2-RedHat-9.11.4-9.P2.el7
>> <http://9.11.4-p2-redhat-9.11.4-9.p2.el7/>, when the application
>> sometimes does a loop of zone serial reconfiguration. In the log, it
>> looks like this
>>
>> Jan 15 11:51:10 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011053)
>> Jan 15 11:51:45 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011054)
>> Jan 15 11:54:55 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011055)
>> Jan 15 11:58:30 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011056)
>> Jan 15 11:59:56 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011057)
>> Jan 15 12:03:58 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011058)
>> Jan 15 12:04:09 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): sending notifies (serial
>> 2020011059)
>> Jan 15 12:08:01 mydnsserver01 named[1172]: zone 0.10.in-addr.arpa/IN
>> <http://0.10.in-addr.arpa/IN>?(signed): reconfiguring zone keys
>>
>> Could you please help me with troubleshooting?
>There is no problems.
>Periodic incremental resigning.
>
>Emmanuel.
>
>------------------------------
>
>Subject: Digest Footer
>
>_______________________________________________
>bind-users mailing list
>bind-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/bind-users
>
>
>------------------------------
>
>End of bind-users Digest, Vol 3356, Issue 1
>*******************************************
>"

>_______________________________________________
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
>bind-users mailing list
>bind-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/bind-users


-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.

More information about the bind-users mailing list