Isn't there an error in the serial (one small zero too many)?
*20090422001*
http://www.ietf.org/rfc/rfc1912.txt (page3)
2.2 SOA records
In the SOA record of every zone, remember to fill in the e-mail
address that will get to the person who maintains the DNS at your
site (commonly referred to as "hostmaster"). The `@' in the e-mail
must be replaced by a `.' first. Do not try to put an `@' sign in
this address. If the local part of the address already contains a
`.' (e.g., john.sm...@widget.xx), then you need to quote the `.' by
preceding it with `\' character. (e.g., to become
John\.Smith.widget.xx) Alternately (and preferred), you can just use
the generic name `hostmaster', and use a mail alias to redirect it to
the appropriate persons. There exists software which uses this field
to automatically generate the e-mail address for the zone contact.
This software will break if this field is improperly formatted. It
is imperative that this address get to one or more real persons,
because it is often used for everything from reporting bad DNS data
to reporting security incidents.
Even though some BIND versions allow you to use a decimal in a serial
number, don't. A decimal serial number is converted to an unsigned
32-bit integer internally anyway. The formula for a n.m serial
number is n*10^(3+int(0.9+log10(m))) + m which translates to
something rather unexpected. For example it's routinely possible
with a decimal serial number (perhaps automatically generated by
SCCS) to be incremented such that it is numerically larger, but after
the above conversion yield a serial number which is LOWER than
before. Decimal serial numbers have been officially deprecated in
recent BIND versions. The recommended syntax is *YYYYMMDDnn*
(YYYY=year, MM=month, DD=day, nn=revision number. This won't
overflow until the year 4294.
Johan Dindaine wrote:
Hello list,
I am writing because I would like some explanations about my
DNS server.
I have a domain whose zone SOA is
$TTL 86400 ; Default TTL
toto.com. IN SOA
saturn.toto. jojolapin972.gmail.com. (
*20090422001* ; serial
10800 ; Refresh period
3600 ; Retry interval
1D ; Expire time
10800 ; Negative caching TTL
)
On returning from vacation, I learned that one of the records is no
longer being updated on the slave servers, even though the serial
number was incremented normally.
So, to test, I went to a server outside this network and
ran a dig, with the following result:
$ dig SOA cosmics.com
;; QUESTION SECTION:
;toto.com. IN SOA
;; ANSWER SECTION:
toto.com. 86118 IN SOA saturn.toto.com. jojolapin972.gmail.com. 2910552817 10800 3600 86400 10800
;; AUTHORITY SECTION:
cosmics.com. 86118 IN NS saturn.toto.com.
The serial number has become '2910552817'. How is that possible?
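
Added example (not part of the thread or of RFC 1912): a Python check that reproduces the serial seen in the dig output from the 11-digit value in the zone file, applies the RFC 1912 n.m formula quoted above, and uses RFC 1982 serial arithmetic to tell whether a secondary would accept a planned change. The function names are hypothetical, the modulo 2**32 wrap is an assumption matching what the thread shows, and the 10-digit serials are constructed.

```python
import math

MOD = 2 ** 32    # the SOA serial is an unsigned 32-bit integer
HALF = 2 ** 31   # RFC 1982 comparison window

def effective_serial(text):
    """Serial a server ends up with for the text written in the zone file.

    Assumption: an out-of-range integer wraps modulo 2**32, as observed in
    the thread; a stricter server may reject the zone instead.
    """
    if "." in text:  # deprecated n.m form, formula quoted from RFC 1912
        n, m = (int(part) for part in text.split("."))
        if m == 0:
            raise ValueError("log10(0) is undefined in the n.m formula")
        value = n * 10 ** (3 + int(0.9 + math.log10(m))) + m
    else:
        value = int(text)
    return value % MOD

def is_newer(new, old):
    """RFC 1982: would a secondary holding `old` transfer `new`?"""
    return 0 < (new - old) % MOD < HALF

def audit(old_text, new_text):
    """Return (old, new, wrapped, secondary_updates) for a serial change."""
    old, new = effective_serial(old_text), effective_serial(new_text)
    wrapped = "." not in new_text and int(new_text) >= MOD
    return old, new, wrapped, is_newer(new, old)

if __name__ == "__main__":
    # Constructed cases; only 20090422001 comes from the thread.
    for old_text, new_text in [
        ("2009042101", "20090422001"),  # 10-digit serial, then the extra zero
        ("20090422001", "2009042201"),  # correcting the typo afterwards
        ("1.99", "2.1"),                # decimal serial that goes backwards
    ]:
        print(old_text, "->", new_text, audit(old_text, new_text))
```

The second case shows the operational trap: once the wrapped value has been published, going back to a well-formed YYYYMMDDnn serial looks older to the secondaries, so they stop transferring the zone.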