Linode slave DNS zone not updating
I’m running my own PowerDNS server, using Linode DNS as a slave, with --allow-axfr-ips and --also-notify set to 104.237.137.10,65.19.178.10,75.127.96.10,207.192.70.10,109.74.194.10,2600:3c00::a,2600:3c01::a,2600:3c02::a,2600:3c03::a,2a01:7e00::a
The master has been sending notifications to Linode DNS servers, and responding to AXFR requests.
Dec 16 04:22:10 IXFR of domain 'example.com' initiated by 109.74.194.10:49359 with serial 2019121610
Dec 16 04:22:10 IXFR of domain 'example.com' to 109.74.194.10:49359 finished
As of now however, the slave zone is no longer updating with changes made on the master. For example, I've added a TXT record 'test' to the example.com domain, but it's not showing when I query from ns*.linode.com.
dig +short @<IPAddress> example.com txt
"test"
dig +short @ns{1..5}.linode.com example.com txt
"v=spf1 a mx ~all"
My LetsEncrypt scripts are failing because they rely on DNS for verification. What might be the reason for this not working?
2 Replies
It sounds like the SOA serial number is the same on the master and slave zones. You can check via the following commands:
dig +multi @<IPAddress> example.com soa | grep serial
dig +multi @ns{1..5}.linode.com example.com soa | grep serial
You'll need to bump up the serial number on the master in order for the slave to be notified of a change.
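The serial check suggested in the reply above, as an added example that is not part of the original thread. It goes beyond a plain equality test by comparing serials with RFC 1982 serial arithmetic, so a serial that wrapped or went backwards on the master is reported separately; the function names and the sample SOA lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: is a secondary's SOA serial behind the primary's?
# Function names are hypothetical and not part of any tool.

# Pull the serial (3rd field) out of one line of `dig +short <zone> soa`.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# RFC 1982 comparison on 32-bit serials: true when $1 is newer than $2.
# Assumes the shell does 64-bit arithmetic.
serial_newer() {
    delta=$(( ($1 - $2) & 4294967295 ))
    [ "$delta" -ne 0 ] && [ "$delta" -lt 2147483648 ]
}

# Classify a secondary's SOA answer ($2) against the primary's ($1).
zone_state() {
    primary=$(soa_serial "$1")
    secondary=$(soa_serial "$2")
    if [ -z "$primary" ] || [ -z "$secondary" ]; then
        echo "no-answer"          # timeout, REFUSED, or zone not loaded
    elif [ "$primary" -eq "$secondary" ]; then
        echo "in-sync"            # a NOTIFY will not trigger a transfer
    elif serial_newer "$primary" "$secondary"; then
        echo "secondary-stale"    # serial was bumped but no transfer happened
    else
        echo "primary-behind"     # primary serial went backwards
    fi
}

# Live use: sh soa-check.sh <zone> <primary-ip> <secondary> [<secondary> ...]
if [ "$#" -ge 3 ]; then
    zone=$1; primary_ip=$2; shift 2
    primary_soa=$(dig +short "@$primary_ip" "$zone" soa)
    for ns in "$@"; do
        echo "$ns: $(zone_state "$primary_soa" "$(dig +short "@$ns" "$zone" soa)")"
    done
else
    # Constructed sample answers (not real data): primary bumped, secondary not.
    p='ns1.example.com. hostmaster.example.com. 2019121611 10800 3600 604800 3600'
    s='ns1.example.com. hostmaster.example.com. 2019121610 10800 3600 604800 3600'
    echo "sample: $(zone_state "$p" "$s")"
fi
```

A result of "secondary-stale" on every secondary after a serial bump means the problem is on the transfer path (NOTIFY delivery or AXFR/IXFR access), not in the serial itself.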
I just ran across this question when I realized my Let's Encrypt cronjob stopped working last September (2019-09-03). While trying to debug what went wrong, I noticed that the Linode servers were no longer showing any changes. I even bumped the serial number and Linode is not picking up any of the changes.