Am 26.12.2012 um 23:31 schrieb Mark Andrews <ma...@isc.org>: > * the record to be removed was not there > * the record to be aded was already there > > This means that the two versions of the zone have become unsyncronized.
I did some more tests with another zone. Not sure BIND works as intended there: - zone 'trashheap' gets signed (has serial 7 unsigned and receives serial 8|10 signed subsequently) Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (unsigned): loaded serial 7 Dec 27 11:34:12 spectre named[27411]: any newly configured zones are now loaded Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (signed): loaded serial 7 Dec 27 11:34:12 spectre named[27411]: trashheap.net/IN: dns_diff_apply: update with no effect Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (signed): receive_secure_serial: not exact Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (signed): reconfiguring zone keys Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (signed): next key event: 27-Dec-2012 11:34:12.333 Dec 27 11:34:12 spectre named[27411]: zone trashheap.net/IN (signed): sending notifies (serial 8) Dec 27 11:34:12 spectre named[27411]: client 88.198.49.12#26609/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR started: TSIG ns1-acme.spoerlein.net Dec 27 11:34:12 spectre named[27411]: client 88.198.49.12#26609/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR ended Dec 27 11:34:17 spectre named[27411]: zone trashheap.net/IN (signed): sending notifies (serial 10) Dec 27 11:34:17 spectre named[27411]: client 88.198.49.12#17597/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR started: TSIG ns1-acme.spoerlein.net Dec 27 11:34:17 spectre named[27411]: client 88.198.49.12#17597/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR ended - a TXT record is added to zone 'trashheap' via nsupdate - same problem as before: 'receive_secure_serial: not exact' Dec 27 11:37:33 spectre named[27411]: client 188.138.3.243#59506/key tlx.leuxner.net: signer "tlx.leuxner.net" approved Dec 27 11:37:33 spectre named[27411]: client 188.138.3.243#59506/key tlx.leuxner.net: updating zone 'trashheap.net/IN': adding an RR at '2013._domainkey.trashheap.net' TXT Dec 27 11:37:33 spectre named[27411]: trashheap.net/IN: dns_diff_apply: update with no effect Dec 27 11:37:33 spectre named[27411]: zone trashheap.net/IN (signed): receive_secure_serial: not exact - to mitigate the problem, zone journal is dropped again 'rndc sync -clean trashheap.net' - zone is frozen - unsigned serial is increased (to 9) - zone is unfrozen - zone receives new signed serial (11) Dec 27 11:44:10 spectre named[27411]: received control channel command 'sync -clean trashheap.net' Dec 27 11:44:10 spectre named[27411]: sync: dumping zone 'trashheap.net/IN', removing journal file: success Dec 27 11:45:40 spectre named[27411]: received control channel command 'loadkeys trashheap.net' Dec 27 11:45:40 spectre named[27411]: zone trashheap.net/IN (signed): reconfiguring zone keys Dec 27 11:45:40 spectre named[27411]: zone trashheap.net/IN (signed): next key event: 27-Dec-2012 11:45:40.045 Dec 27 11:46:38 spectre named[27411]: received control channel command 'freeze trashheap.net' Dec 27 11:46:38 spectre named[27411]: freezing zone 'trashheap.net/IN': success Dec 27 11:47:02 spectre named[27411]: received control channel command 'thaw trashheap.net' Dec 27 11:47:02 spectre named[27411]: thawing zone 'trashheap.net/IN': success Dec 27 11:47:02 spectre named[27411]: zone trashheap.net/IN (unsigned): loaded serial 9 Dec 27 11:47:02 spectre named[27411]: zone trashheap.net/IN (signed): serial 11 (unsigned 9) Dec 27 11:47:02 spectre named[27411]: zone trashheap.net/IN (signed): sending notifies (serial 11) Dec 27 11:47:02 spectre named[27411]: client 88.198.49.12#54606/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR started: TSIG ns1-acme.spoerlein.net Dec 27 11:47:02 spectre named[27411]: client 88.198.49.12#54606/key ns1-acme.spoerlein.net (trashheap.net): transfer of 'trashheap.net/IN': IXFR ended - another TXT record is added and propagation works going forward Dec 27 12:03:21 spectre named[27411]: client 188.138.3.243#13188/key tlx.leuxner.net: updating zone 'trashheap.net/IN': adding an RR at '2014._domainkey.trashheap.net' TXT Dec 27 12:03:21 spectre named[27411]: zone trashheap.net/IN (signed): serial 12 (unsigned 10) Dec 27 12:03:21 spectre named[27411]: zone trashheap.net/IN (signed): sending notifies (serial 12) Regards Thomas
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users