[nsd-users] NSD serves old serial after restart
Anand Buddhdev
anandb at ripe.net
Wed Aug 17 11:36:20 UTC 2022
On 17/08/2022 13:18, Klaus Darilion via nsd-users wrote:
Hi Klaus,
> NSD 4.3.5:
> 07:31:13 nsd-pl[811535]: notify for kepno.pl. from X.X.X.20 serial 1660716049
> 07:31:13 nsd-pl[811535]: notify for kepno.pl. from XXXX:XXXX:9::5 serial 1660716049
> 07:31:13 nsd-pl[3084]: xfrd: zone kepno.pl committed "received update to serial 1660716049 at 2022-08-17T07:31:13 from X.X.X.20 TSIG verified with key foobar"
> 07:31:13 nsd-pl[3089]: zone kepno.pl. received update to serial 1660716049 at 2022-08-17T07:31:13 from X.X.X.20 TSIG verified with key foobar of 2403 bytes in 9.8e-05 seconds
> 07:31:13 nsd-pl[811535]: notify for kepno.pl. from X.X.X.4 serial 1660716049
> 07:31:13 nsd-pl[811535]: notify for kepno.pl. from XXXX:XXXX:8::5 serial 1660716049
> 07:31:14 nsd-pl[3084]: zone kepno.pl serial 1660716048 is updated to 1660716049
> 07:46:24 nsd-pl[3089]: writing zone kepno.pl to file kepno.pl.zone
Here, the zone kepno.pl has been saved with serial 1660716049.
> 09:46:22 nsd-pl[1008051]: notify for kepno.pl. from XXXX:XXXX:9::5 serial 1660716050
> 09:46:22 nsd-pl[1008051]: notify for kepno.pl. from X.X.X.20 serial 1660716050
> 09:46:22 nsd-pl[3084]: xfrd: zone kepno.pl committed "received update to serial 1660716050 at 2022-08-17T09:46:22 from XXXX:XXXX:9::5 TSIG verified with key foobar"
> 09:46:22 nsd-pl[1008051]: notify for kepno.pl. from XXXX:XXXX:8::5 serial 1660716050
> 09:46:22 nsd-pl[1008051]: notify for kepno.pl. from X.X.X.4 serial 1660716050
> 09:46:27 nsd-pl[3089]: zone kepno.pl. received update to serial 1660716050 at 2022-08-17T09:46:22 from XXXX:XXXX:9::5 TSIG verified with key foobar of 840 bytes in 0.000108 seconds
> 09:46:28 nsd-pl[3084]: zone kepno.pl serial 1660716049 is updated to 1660716050
> -> NSD 4.3.5 serves serial 1660716050
NSD has internally updated to serial 1660716050, but not yet saved it to
disk. By default, NSD writes out zone files only once per hour.
> Now, upgrade to 4.6 and restart NSD:
> 10:32:04 nsd-pl[1072241]: zone kepno.pl read with success
> 10:32:04 nsd-pl[1072241]: rehash of zone kepno.pl. with parameters 1 0 12 e831662b2ffa02c1
> 10:32:10 nsd-pl[1072240]: zone kepno.pl serial 1660716050 is updated to 1660716049
> --> Why is the serial going backwards?
NSD read the zone from disk, and it still had the previous serial
number, so that's what got loaded into memory. Eventually, NSD would
have noticed that it's outdated and would have done an XFR to update it.
Before restarting NSD, it is good practice to write zones to disk. Or
configure it to save an updated zone immediately to disk, by setting
"zonefiles-write" to a low value, so that zone files on disk are as up
to date as possible.
[snip]
> Is this a bug or a feature?
Feature ;-)
Regards,
Anand
More information about the nsd-users
mailing list