On 2022-01-20 Klaus Darilion wrote: >> Okay, but then what is the appropriate way to get PowerDNS to update >> the SOA record? > > Good question - depends on what you want to achieve. > > Your settings: > SOA-EDIT = INCEPTION-EPOCH > SOA-EDIT-API = SOA-EDIT-INCREASE > TSIG-ALLOW-AXFR = transfer > > Honestly, for SOA-EDIT-API I do not understand the = > SOA-EDIT(-INCREASE) options, as they refer back to SOA-EDIT which is > again based on the serial in DB ... seems like a circular dependency. > > I use SOA-EDIT-API= DEFAULT. This gives me nice YYYYMMDD01 timestamps. > For DNSSEC zones, to inform secondaries about new signatures, I use > SOA-EDIT = INCEPTION-WEEKS. In PowerDNS DNSSEC signatures are always > valid 3 weeks, changed one a week when "inception weeks" occour > (Thursdays 00:00). Hence, if a zone is not changed, the serial on > Thursday is 1 higher than the serial on Wednesday.
As far as I'm aware we are not using DNSSEC for the zones in question, so anything DNSSEC-related should not be an issue. In our environment there can be more than 99 updates to a zone per day. Perhaps not frequently, but it can occur, and we need to ensure timely updates on slaves even if they do. Hence the format YYYYMMDD## is not feasible for our use case and we had to chenage it to epoch. Which, like I said, works nicely in most cases. Both modifying the zone via PowerAdmin or via the API update the SOA the way I expect (serial is incremented and the updated serial appears in the SOA record in the database). The only exception seems to be when PowerDNS internally updates the serial on Thursdays 00:00 UTC. This change never appears in the database. I could work around this by running a cron job to detect the mismatch and run `pdnsutil increase-serial ZONE`, which fixes the problem. However, I'd prefer if I could configure PowerDNS to either not do this automatic serial incrememt every Thursday or at least also write the íncremented serial ot the database. Regards Ansgar Wiechers -- Automatic Server AG ∙ ∙ ∙ ∙ ∙ Turnerstrasse 2, CH-9000 St. Gallen Telefon: +41 71 511 31 11 http://www.automatic-server.com _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
