[nsd-users] nsd-4.1.15: problems parsing a zone file

W.C.A. Wijngaards wouter at nlnetlabs.nl
Tue Feb 28 08:40:27 UTC 2017


Hi Lars,

4.1.15 refuses to load illegally large serial numbers.  This number is
then larger than the 32bits that we have to store it in.  Older NSD
would not actually store that number.  And in 4.1.15 we fixed it that
impossible numbers are not parsed.

201702270932  is too large, your serial number.
4000000000 - that is 4 billion.

usually people have year+month+day+counterfrom1to100.
there is no space for year+month+day+hour+minute.

I have changed the code to print:
error: home.mydomain.org.zone:8: serial is expected or serial too big

Best regards, Wouter

On 27/02/17 10:32, Lars Wendler wrote:
> Hi,
> 
> after updating nsd from version 4.1.14 to version 4.1.15 I have the
> following error messages in the nsd logfile upon startup:
> 
> 
> [2017-02-27 10:09:12.347] nsd[18850]: notice: nsd starting (NSD 4.1.15)
> [2017-02-27 10:09:12.348] nsd[18852]: error: home.mydomain.org.zone:8:
> serial is expected 
> [2017-02-27 10:09:12.348] nsd[18852]: error: home.mydomain.org.zone:13:
> zone configured as 'home.mydomain.org' has no SOA record. 
> [2017-02-27 10:09:12.348] nsd[18852]: error: zone home.mydomain.org
> file home.mydomain.org.zone read with 2 errors 
> [2017-02-27 10:09:12.360] nsd[18852]: notice: nsd started (NSD 4.1.15),
> pid 18851
> 
> 
> The same zone file was read without errors with nsd-4.1.14 and older
> versions:
> 
> [2017-02-27 09:38:22.128] nsd[17816]: notice: nsd starting (NSD 4.1.14)
> [2017-02-27 09:38:22.140] nsd[17818]: notice: nsd started (NSD 4.1.14),
> pid 17817
> 
> nsd-checkzone from version 4.1.15 also reports the above errors whereas
> nsd-checkzone from 4.1.14 does not report any errors.
> 
> Here is the corresponding zone file:
> 
> 
> # cat /var/lib/nsd/home.mydomain.org.zone 
> $TTL 600
> @ IN SOA ns4.mydomain.org. polynomial-c.gmx.de. (
>     201702270932        ; Serial
>     14400               ; Refresh
>     1800                ; Retry
>     604800              ; Expire
>     86400               ; Minimum
>     )
> 
> @               IN NS   ns4.mydomain.org.
> 
> @               IN A    85.212.112.110
> 
> 
> I am quite new to DNS servers and its configuration so it might also be
> my config being broken. But searching the web and reading the
> documentation didn't bring me to a working solution so now I'm here :)
> 
> Please CC me on replies as I am not subscribed to this list.
> 
> Thanks in advance
> kind regards
> Lars
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20170228/06cfbba9/attachment.bin>


More information about the nsd-users mailing list