On 8.9.2015 14:06, David Dejaeghere wrote:
> @Petr. I understood bind restart caused an increment. But I was unaware
> that this value was not replicated.  If I add a record to a zone the SOA
> serials do get in sync again. But I understand the multimaster setup and
> now I understand where this nightly increment is comming from. It is indeed
> logrotate.

For the record, bind-dyndb-ldap tries to set the SOA serial to unix timestamp
if old SOA serial < current timestamp. If old SOA serial <= current timestamp
then it is incremented by one.

This + different logrorate configuration might explain the difference.

The consequence is that your DNS slaves should be configured to use the same
master all the time and fail over only if the original master is not available.

Petr^2 Spacek

> Kind Regards,
> David
> 2015-09-08 13:16 GMT+02:00 Petr Spacek <pspa...@redhat.com>:
>> On 8.9.2015 13:06, Martin Basti wrote:
>>> On 09/07/2015 03:00 PM, David Dejaeghere wrote:
>>>> Hello,
>>>> I noticed on the couple of installs that I am running that my zones have
>>>> different soa serial values on both master and replica.  I also noticed
>> that
>>>> this value is changing without adding or removing a record some time
>> during
>>>> the night.
>>>> What exactly is changing this and how come these values become
>> inconsistant?
>>>> For example:
>>>> Serial on master: 1441509183
>>>> Serial on replica: 1441597213
>>>> Is this expected?
>>>> Kind Regards,
>>>> David
>>> Hello,
>>> does the replication between master and replica works?
>> SOA is specific for replica (as IPA provides multi-master DNS) and is not
>> replicated. SOA serial in each zone is incremented upon BIND restart so
>> e.g.
>> logrotate during night might cause SOA to increment.
>> --
>> Petr^2 Spacek

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to