Re: [Freeipa-users] SOA Serial changes overnight and is inconsisstent with replica
On 8.9.2015 14:06, David Dejaeghere wrote: > @Petr. I understood bind restart caused an increment. But I was unaware > that this value was not replicated. If I add a record to a zone the SOA > serials do get in sync again. But I understand the multimaster setup and > now I understand where this nightly increment is comming from. It is indeed > logrotate. For the record, bind-dyndb-ldap tries to set the SOA serial to unix timestamp if old SOA serial < current timestamp. If old SOA serial <= current timestamp then it is incremented by one. This + different logrorate configuration might explain the difference. The consequence is that your DNS slaves should be configured to use the same master all the time and fail over only if the original master is not available. Petr^2 Spacek > Kind Regards, > > David > > 2015-09-08 13:16 GMT+02:00 Petr Spacek: > >> On 8.9.2015 13:06, Martin Basti wrote: >>> >>> >>> On 09/07/2015 03:00 PM, David Dejaeghere wrote: Hello, I noticed on the couple of installs that I am running that my zones have different soa serial values on both master and replica. I also noticed >> that this value is changing without adding or removing a record some time >> during the night. What exactly is changing this and how come these values become >> inconsistant? For example: Serial on master: 1441509183 Serial on replica: 1441597213 Is this expected? Kind Regards, David >>> Hello, >>> >>> does the replication between master and replica works? >> >> SOA is specific for replica (as IPA provides multi-master DNS) and is not >> replicated. SOA serial in each zone is incremented upon BIND restart so >> e.g. >> logrotate during night might cause SOA to increment. >> >> -- >> Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] SOA Serial changes overnight and is inconsisstent with replica
On 09/07/2015 03:00 PM, David Dejaeghere wrote: Hello, I noticed on the couple of installs that I am running that my zones have different soa serial values on both master and replica. I also noticed that this value is changing without adding or removing a record some time during the night. What exactly is changing this and how come these values become inconsistant? For example: Serial on master: 1441509183 Serial on replica: 1441597213 Is this expected? Kind Regards, David Hello, does the replication between master and replica works? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] SOA Serial changes overnight and is inconsisstent with replica
On 8.9.2015 13:06, Martin Basti wrote: > > > On 09/07/2015 03:00 PM, David Dejaeghere wrote: >> Hello, >> >> I noticed on the couple of installs that I am running that my zones have >> different soa serial values on both master and replica. I also noticed that >> this value is changing without adding or removing a record some time during >> the night. >> >> What exactly is changing this and how come these values become inconsistant? >> For example: >> Serial on master: 1441509183 >> Serial on replica: 1441597213 >> >> Is this expected? >> >> Kind Regards, >> >> David >> >> >> > Hello, > > does the replication between master and replica works? SOA is specific for replica (as IPA provides multi-master DNS) and is not replicated. SOA serial in each zone is incremented upon BIND restart so e.g. logrotate during night might cause SOA to increment. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project