The Serial typo

Serge pinged me today over Jabber asking hot to tackle an accidental typo in the serial number of a zonefile.

  1. dig +short SOA
  2. 2009141017 7200 3600 1209600 432000

No really we don't need no 13th and 14th month. Given the fact that lots of us use the YYYYMMDDID format That would mean that we'd have to wait for 20100101 to happen before we can update in a readable fashion again ..

Serge then looked some further and found this article which documents a nice solution for a quick fix of the problem

First, add 2147483647 to the erroneous value, for example, 2008022800 + 2147483647 = 4155506447, restart BIND or reload the zone, and make absolutely sure the zone has transferred to all the slave servers. Second, set the SOA serial number for the zone to the correct value and restart BIND or reload the zone again. The zone will transfer to the slave because the serial number has wrapped through zero and is therefore greater that the previous value of 4155506447!

Oh and the twitter hashtag is #dnsproblem fwiw :)


LinyTicky's picture

#1 LinyTicky : ...

Stunning issue, I did not thought it was going to be so stunning when I looked at the title with link.

Kristof Hardy's picture

#2 Kristof Hardy : MySQL based DNS

First of all, great fix and nice to know that it exists. It also might be a good time to try PowerDNS and use MySQL as a backend :-) Use a clean webinterface or a script to manipulate the MySQL data and make the serial number auto increment. (technically it's not even needed when your MySQL servers are synced..) This could also be used to log changes made to your zones.

Philip Paeps's picture

#3 Philip Paeps : Scripts don't make typos

If you're updating zone serial numbers by hand, you're doing it wrong. Also, nslint will flag this and complain.

Kris Buytaert's picture

#4 Kris Buytaert : Me ?

Who said it was me ? :)