2.15 Resetting Your Zone's Serial Number
2.15.1 Problem
You
need to reset your serial number to some low value, possibly because
you inadvertently added a digit to it.
2.15.2 Solution
If
you've accidentally incremented your serial number
to a value larger than 232 - 1
(4,294,967,295), first find out what your current serial number
is -- because it probably isn't what you think it
is (the serial number is only 32 bits large). The easiest way to do
this is to use a query tool, such as dig, to
look up your zone's SOA record:
$ dig soa foo.example
; <<>> DiG 9.2.1 <<>> soa foo.example
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4335
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;foo.example. IN SOA
;; ANSWER SECTION:
foo.example. 86400 IN SOA ns1.foo.example. hostmaster.foo.
example. 2002021239 3600 900 2592000 3600
If the current serial number is less
than 2,147,483,647, add 2,147,483,647 to the serial number. Wait for
all of your zone's slave name servers to pick up the
new version of the zone (if you're using NOTIFY,
that shouldn't take long). Then set the serial
number to your target.
If the current serial number is larger than 2,147,483,647, just set
the serial number to the number you want.
2.15.3 Discussion
Whahuh? Why on Earth does this work?
Name servers compare serial numbers using sequence space
arithmetic, which ain't your
grandpa's 'rithmetic. In sequence
space arithmetic, you have a finite set of integers, but each number
has a "next" number. After 0 comes
1, then 2, all the way to 4,294,967,295
(232 - 1). The next number after
4,294,967,295 is 0. Think of it like a clock: The hour after 1:00 is
2:00, and the hour after 12:00 is 1:00.
Half of the numbers are larger than any given number, and the other
half are smaller. With a set of 232
possible serial numbers, half (231 - 1,
actually) are larger than any given serial number, and half are
smaller.
Consider the serial number 1,000,000,000. The next
231 - 1 serial numbers, 1,000,000,001
through 3,147,483,647, are larger. The 231
- 1 serial numbers after that, 3,147,483,648 through 4,294,967,295
(232 - 1) and 0 to 999,999,999, are
smaller. Yes, Alice, in the world of serial numbers, 3,147,483,648 is
smaller than 1,000,000,000.
So when you add 2,147,483,647 (231 - 1) to
a serial number, you're actually adding the largest
increment possible -- add a larger number and the result will
actually be smaller than the old serial number,
and your zone's slaves won't
transfer the zone.
Once all the slaves have the new zone, you can simply set the serial
number to the serial number you want, which is now considered larger
than the current serial number.
If you're not comfortable with this New Math, try
out the script reset_serial.pl, included in the
tar file that accompanies this book (see the
Preface for where to get it). reset_serial.pl
takes as arguments your current serial number and the
serial number you want to get to, and tells you how to get there.
There's also a brute
force method for resetting your serial number: set the serial number
to your target in the zone data file. Then delete your
zone's backup data files on all of your slaves and
restart named. Your slave name servers
won't have any choice but to transfer the zone,
regardless of its serial number.
This won't work if you don't have
administrative control of all of your slaves, of course, and it has
all the elegance of using a flat-head screwdriver as a chisel.
2.15.4 See Also
"Starting Over with a New Serial
Number" in Chapter 7 of DNS and
BIND, and RFC 1982 for an explanation of serial number
arithmetic.
|
