Ignored SOA serial SOA query refused
Eugene Tsuno - NOAA Affiliate
eugene.tsuno at noaa.gov
Wed May 25 17:33:18 UTC 2022
So a test stealth server was setup with an existing zone. It had a lower
SOA serial than the running one, yet the master accepted a zone transfer
and started using the outdated zone.
The only thing is AXFRs were allowed but not query, so I see the notify
from
the test server and also an AXFR. I thought the master would SOA query but
I don't know what bind does if the SOA query is refused.
I have never had BIND ignore the soa serial in any case except
overrunning/going negative.
The master is running:
BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20220525/849289ea/attachment.html>
More information about the dns-operations
mailing list