Announcement

Collapse
No announcement yet.

DNS serial number not match

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS serial number not match

    Hello,

    We have 2 dns server, both on a different interworx-cp box

    When we try to edit the name server for french registrar they do a zonecheck from AFNIC.

    The zonecheck fails because the serial number is not the same for primary and secodnary DNS server.

    Here is an example on how AFNIC does tests valifdation for zone .FR

    http://www.afnic.fr/outils/zonecheck...v6&transp4=std


    So we can't host .fr domain !!!

    Before our name servers was one the same box, so we didn't have this pbm.

    HOW is it possible to have the same serial number ?
    How could we resolve this issue ?

    Thaqnks for your help

    Pascal

  • #2
    Thanks Pascal. We have a previous bug report already filed about a similar problem with DNS serial numbers (the serial numbers currently change every 5 minutes). I'll add this to the list.

    Socheat
    Socheat Sou
    InterWorx-CP | http://interworx.com
    InterWorx Control Panel

    Comment


    • #3
      Forgot to ask, how are you keeping the two DNS servers in sync?
      Socheat Sou
      InterWorx-CP | http://interworx.com
      InterWorx Control Panel

      Comment


      • #4
        Originally posted by IWorx-Socheat View Post
        Forgot to ask, how are you keeping the two DNS servers in sync?
        To have the 2 boxes in sync I've had to add a "Sleep 20; " for the iworx --fively cron job on the first box :)

        Pascal

        Comment


        • #5
          For what it's worth - I'm not having this problem (as long as I don't do a DNS check at the exact moment the boxes are syncing).

          I've got 2 different IWorx boxes syncing with a single (non-Iworx) djbdns installation for secondary (using the tweaked script located elsewhere in this forum).

          JB

          Comment


          • #6
            Originally posted by JayBaen View Post
            For what it's worth - I'm not having this problem (as long as I don't do a DNS check at the exact moment the boxes are syncing).

            I've got 2 different IWorx boxes syncing with a single (non-Iworx) djbdns installation for secondary (using the tweaked script located elsewhere in this forum).

            JB
            This problem is only for some LTD as FR for example !

            Indeed, every registrar that sell .FR must pass a Zonecheck from the AFNIC when they update the primary and secondary servernames

            If the AFNIC Zonechechk fails then the registrar refused to setup your Primary/secondary server names !

            Pascal

            Comment


            • #7
              Originally posted by pascal View Post
              This problem is only for some LTD as FR for example !

              Indeed, every registrar that sell .FR must pass a Zonecheck from the AFNIC when they update the primary and secondary servernames

              If the AFNIC Zonechechk fails then the registrar refused to setup your Primary/secondary server names !

              Pascal
              Right - but, I thought the reason the zonecheck is failing is because the serial numbers aren't in sync.

              I'm only indicating that I'm not having an "in-sync" issue (no pun intended - and in fact, I hope I *never* have *that* issue .. :) ) If you could get the sync-ing problem fixed, then the zonecheck would pass (unless I'm missing something else).

              Comment


              • #8
                ha ha ha I think I explain very badly

                You right I have this zonecheck problem, not because the sync is not well done, but because one box sync the other in a bad order.

                The server A sync server B and server B sync server A (because ns1 is on server A and ns2 is on server B)

                So there is a difference in the serial number

                The only way I found to resolve this is set the 5 mn crontab at the exact same hours on the two box and then put a delay on one of the box of 10 or 20 seconds

                Pascal

                Comment


                • #9
                  Got it.

                  Have you thought of just syncing all of your DNS to "secondary" servers? Think of staging yourself for the situation of when you may have 25 Iworx servers - and you'll probably still only want to have 2 functioning as DNS for resolution from the outside for your hosted domains (not 25+).

                  I currently sync more than 1 IWorx box to external DNS - which works great (esp. since we have MX resolution for certain domains outside of the originating IWorx box. This allows mail to flow even when the "primary" DNS" is down).

                  We tend to have less of the serial numbers not matching since it only has to sync one direction, not two.

                  JB

                  Comment


                  • #10
                    I already have more than 2 servers, but 2 of them are my ns. All of others servers sync to 1 (which sync to the secondary). There is only these 2 servers that sync themself :)

                    So we won't have 25+ dns servers :)

                    Thanks JB for the tips

                    Pascal

                    Comment

                    Working...
                    X