[dns-operations] BIND, Knot and NSD behaviour when serial number goes backwards

Klaus Darilion klaus.mailinglists at pernau.at
Thu Feb 23 13:02:26 UTC 2017

Am 19.02.2017 um 12:27 schrieb Anand Buddhdev:
> The plusses and minuses of these behaviours can of course be debated,
> and I'm sure there would be many opinions. I personally prefer the NSD
> behaviour. BIND's is also okay, but it sort of hides the problem (only
> visible if you look at logs). Knot's behaviour is probably the worst.
> I'll open an issue and see what its developers think.

Indeed. I have not read the RFCs, but learnt long time ago that serials
should be increasing. So, if the serial goes backwards it is a
provisioning error (maybe by a human) which justifys human interaction.

Actually I think NSDs behavior is worst as SERVFAIL is usually bad.


More information about the dns-operations mailing list