rich1.0phorkiehttps://p.cweiske.de/DNS problemsChristian Weiske86400900900<!-- embedding all files of https://p.cweiske.de/681 -->
<link rel="stylesheet" href="https://p.cweiske.de/css/embed.css"/>
<div class="phork" id="681">
<div class="phork-file">
<div class="phork-content">
<div class="document">
<p>Errors from <a class="reference external" href="https://mxtoolbox.com/SuperTool.aspx">https://mxtoolbox.com/SuperTool.aspx</a> -> DNS check</p>
<div class="section" id="soa-expire-value-out-of-recommended-range">
<h1>SOA Expire Value out of recommended range</h1>
<p>Error message:</p>
<blockquote>
ns1.cweiske.de reported Expire 1048576 : Expire is recommended to be between 1209600 and 2419200.</blockquote>
<p>RFC 1912 says:</p>
<blockquote>
<p>2.2 SOA records</p>
<p>Expire: 2-4 weeks are suggested values.</p>
</blockquote>
<ul class="simple">
<li>2 weeks: 2*24*60*60 = 172800</li>
<li>4 weeks: 4*24*60*60 = 345600</li>
</ul>
<p>Test:</p>
<pre class="literal-block">
$ dig @ns1.cweiske.de +short SOA cweiske.de
ns1.cweiske.de. hostmaster.cweiske.de. 1589436247 16384 2048 1048576 2560
| | | | +minimum
| | | +expire
| | +retry
| +refresh
+-serial
</pre>
<p>Links:</p>
<ul class="simple">
<li><a class="reference external" href="https://en.wikipedia.org/wiki/SOA_record">https://en.wikipedia.org/wiki/SOA_record</a></li>
<li><a class="reference external" href="https://tools.ietf.org/html/rfc1912#section-2.2">https://tools.ietf.org/html/rfc1912#section-2.2</a></li>
<li><a class="reference external" href="https://cr.yp.to/djbdns/tinydns-data.html">https://cr.yp.to/djbdns/tinydns-data.html</a></li>
</ul>
<p>tinydns seems to set the expire time automatically to 1048576 (12.x days)</p>
</div>
<div class="section" id="soa-serial-number-format-is-invalid">
<h1>SOA Serial Number Format is Invalid</h1>
<p>Error was:</p>
<blockquote>
ns1.cweiske.de reported Serial 1589436247 : Suggested serial format year was 1589 which is before 1970.</blockquote>
<p>Reason: tinydns uses the unix timestamp as serial, not the YYYYMMMDDHHIISS format</p>
<p>This is a warning, not an error.</p>
</div>
<div class="section" id="serial-numbers-do-not-match">
<h1>Serial numbers do not match</h1>
<p>Output was:</p>
<blockquote>
1589436247<br/>1589423702</blockquote>
<p>Reason: I updated the zone file on my server, and the secondary name server had not yet copied the new zone data to itself via AXFR.</p>
<p>Hosteurope syncs DNS zones once a day, at ~5:30</p>
<p>Manual sync:</p>
<pre class="literal-block">
$ ./dnsnotify.pl cweiske.de 80.237.128.10
</pre>
<p>IP taken from <tt class="docutils literal">/etc/axfrdns/axfrdns4/tcp</tt></p>
<p>Links:</p>
<ul class="simple">
<li><a class="reference external" href="https://cweiske.de/tagebuch/axfr-fails.htm">https://cweiske.de/tagebuch/axfr-fails.htm</a></li>
<li><a class="reference external" href="http://www.lifewithdjbdns.com/#tinydns%20to%20BIND%20zone%20transfer">http://www.lifewithdjbdns.com/#tinydns%20to%20BIND%20zone%20transfer</a></li>
</ul>
<p>Reading axfrdns logs:</p>
<pre class="literal-block">
$ tai64nlocal < /etc/axfrdns/axfrdns4/log/main/current | less
</pre>
</div>
</div>
</div>
<div class="phork-meta">
<a href="https://p.cweiske.de/681/rev-raw/d8d07917ba97ab01c7b763849bc1eb4564a9e54a/README.rst" style="float: right">view raw source</a>
<a href="https://p.cweiske.de/681#README.rst">README.rst</a>
</div>
</div>
</div>