It's so that other servers doing zone transfers can verify if they need to do a zone transfer. Old serial number, no transfer. TTL not involved on this one.
The DNS server knows that it needs to re-read the zone file when the serial number changes as just making a change does not trigger anything, there's no timestamp within the zone file generated by changing anything to note that there has been an update on most DNS software. Most Zone files are just text files in the *nix world.
Normal convention is that the Serial number is the timestamp in date ISO date format followed by a two number increment
2014101501
Microsoft products are set up to autoincrement the Serial Number when changes are made.
It sounds as if you are having some difficulty, so here are two (hopefully) working examples for you. Note that the first option (the .com
zone) will likely prevent resolution of normal .com
domains (e.g. google.com
). The second option (the dns1.com
zone) does not have this drawback.
Example .com
Zone Files
ex. /etc/bind/named.conf.local
; "db.com.tld" is a random name - use whatever you like.
; The same goes for "db.rev.192".
;
; Likewise, you can adjust your "allow-transfer" settings,
; etc. as needed.
zone "com." IN {
type master;
file "/etc/bind/zones/db.com.tld";
allow-transfer { none; };
};
zone "56.168.192.in-addr.arpa" IN {
type master;
file "/etc/bind/zones/db.rev.192";
allow-transfer { none; };
};
ex. /etc/bind/zones/db.com.tld
; BIND data file for TLD ".com"
;
; This will likely break real ".com" websites (i.e. anything not listed here).
$TTL 3600
@ IN SOA com. admin.com. (
2018040501 ; Serial
604800 ; Refresh period
86400 ; Retry interval
2419200 ; Expire time (28 days... later)
604800 ) ; Negative Cache TTL (1 week)
; Name Servers - NS records
@ IN NS ns1.com. ; This is required
@ IN NS ns2.com. ; You should have two name servers
; Name Servers - A records
ns1 IN A 192.168.56.3 ; This is required
ns2 IN A 192.168.56.3 ; You should have two name servers
; Our domains/sub-domains
dns1 IN A 192.168.56.3 ; dns1.com
host1.dns1 IN A 192.168.56.7 ; host1.dns1.com
host2.dns1 IN A 192.168.56.8 ; host2.dns1.com
Note that is okay to use a period like this, though arguably redundant in this case:
;ok.period.com. IN A 192.168.56.3 ; ok.period.com -> FQDN
And this is what you should avoid:
;no.period. IN A 192.168.56.3 ; Don't use periods for sub-domains
;no.period.com IN A 192.168.56.3 ; While this works, this is actually accessed as no.period.com.com!
ex. /etc/bind/zones/db.rev.192
; BIND reverse data file.
; The domain, etc. used should be a listed 'zone' in named.conf.
$TTL 86400
@ IN SOA com. admin.com. (
2018040501 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum
; In this case, the number just before "PTR" is the last octet
; of the IP address for the device to map (e.g. 192.168.56.[3])
; Name Servers
@ IN NS ns1.com.
@ IN NS ns2.com.
; Reverse PTR Records
3 IN PTR dns1.com.
7 IN PTR host1.dns1.com.
8 IN PTR host2.dns1.com.
Note that the setup above likely limits your options with regards to having your machines access .com
domains other than the ones you create (i.e. they will likely not be able to access them). If you wish them to access foreign .com
domains, you can try the narrower approach below.
Example dns1.com
Zone Files
ex. /etc/bind/named.conf.local
; "db.dns1.com" is a random name - use whatever you like.
;
; Likewise, you can adjust your "allow-transfer" settings,
; etc. as needed.
zone "dns1.com" IN {
type master;
file "/etc/bind/zones/db.dns1.com";
allow-transfer { none; };
};
You can use the same named.conf.local
reverse zone entry as above.
ex. /etc/bind/zones/db.dns1.com
; BIND data for http://dns1.com
$TTL 3600
@ IN SOA ns1.dns1.com. admin.dns1.com. (
2018040501 ; Serial
604820 ; Refresh
86600 ; Retry
2419600 ; Expire
604600 ) ; Negative Cache TTL
; Name Servers - NS records
@ IN NS ns1.dns1.com. ; This is required
@ IN NS ns2.dns1.com. ; You should have two name servers
; Name Servers - A records
ns1 IN A 192.168.56.3 ; This is required
ns2 IN A 192.168.56.3 ; You should have two name servers
; Our domains/sub-domains
dns1.com. IN A 192.168.56.3 ; dns1.com
host1 IN A 192.168.56.7 ; host1.dns1.com
host2 IN A 192.168.56.8 ; host2.dns1.com
ex. /etc/bind/zones/db.rev.192
; BIND reverse data file.
; The domain, etc. used should be a listed 'zone' in named.conf.
$TTL 86400
@ IN SOA dns1.com. admin.dns1.com. (
2018040501 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum
; In this case, the number just before "PTR" is the last octet
; of the IP address for the device to map (e.g. 192.168.56.[3])
; Name Servers
@ IN NS ns1.dns1.com.
@ IN NS ns2.dns1.com.
; Reverse PTR Records
3 IN PTR dns1.com.
7 IN PTR host1.dns1.com.
8 IN PTR host2.dns1.com.
Best Answer
In a
bind9
zone file, any fully qualified domain name (FQDN) needs to have the ending.
character added to it.Your references around line 11-12ish
Don't have them.
Should be:
Don't forget to increase your serial.
Also, don't forget that if you are doign this for real you need to have glue records set up otherwise one of your name servers must be outside of your domain (zone).