Hi Jon,

This is not normally an issue, because the "normal" way to set up DNS is to set up a single "primary" server, and make the other servers be "secondary" servers. The secondary servers automatically get their DNS zone files from the primary, and therefore there should be no chance (except, temporarily, while waiting for an update to occur) of the serial numbers not matching.

So I find myself wondering how yours is set up?

The WHOIS for Partner400.com shows these servers:

NS2.MYDOMAIN.COM
NS3.MYDOMAIN.COM
NS4.MYDOMAIN.COM
NS1.MYDOMAIN.COM
NS1.AFRAID.ORG
NS2.AFRAID.ORG

So you have 6 DNS servers, and 4 of them are hosted on MYDOMAIN.COM, and 2 are hosted on AFRAID.ORG. The problem seems to be that they disagree on what your DNS information is.

I look up the SOA record on any of the 4 MYDOMAIN.COM servers, it shows this:

> partner400.com
Server: ns3.mydomain.com
Address: 64.94.117.197#53

partner400.com
origin = ns1.mydomain.com
mail addr = hostmaster.partner400.com
serial = 2012011508
refresh = 16384
retry = 2048
expire = 1048576
minimum = 2560

So this tells me that the primary/master for Partner400.com is ns1.mydomain.com, the serial number is 2012011508 (it appears that, like me, they use the date & a sequence number for the serial number... good idea!) and that if I have any questions, I should contact hostmaster@xxxxxxxxxxxxxx.

But when I query the two AFRAID.ORG servers, I get this:

> partner400.com
Server: ns2.afraid.org
Address: 174.37.196.55#53

partner400.com
origin = ns1.afraid.org
mail addr = dnsadmin.afraid.org
serial = 1110170005
refresh = 86400
retry = 7200
expire = 2419200
minimum = 3600

Total disagreement here.. afraid.org thinks that ns1.afraid.org is the primary server, the serial number is in a different format (possibly a 6-digit date.. and if so, it hasn't been updated since October, so is much older than the MYDOMAIN one) and indeed several of the other values are different as well. If I want information, I can contact dnsadmin@xxxxxxxxxx

Any software that compares the servers will assume that the MYDOMAIN.COM ones are up-to-date, and the AFRAID.ORG ones are in error, because their serial numbers are lower. (But, most software only looks at one server at a time, so won't make that comparison.)

My best guess is that you are contracting with two different companies to provide your DNS service? And, both think they are the sole provider for partner400.com?

If that's the case, then you should do one of two things:

a) Contact AFRAID.ORG and ask them to only provide secondary DNS, tell them the primary is hosted elsewhere. Get them to automatically sync with MYDOMAIN.COM (And get MYDOMAIN.COM to allow zone transfers from AFRAID.ORG).

This would solve your problem, but, IMHO, it's overkill.

b) Discontinue one of the services. Frankly, you don't need 6 DNS servers on two different companies. Discontinue one of them, and save yourself some money.

Happy birthday, by the way.



On 1/15/2012 11:56 AM, Jon Paris wrote:

IntoDNS.com is reporting that I have non-matching SOA serial numbers
listed on different DNS servers and that I should fix this.

Here's the problem - when I set up the DNS I did not enter these
values and have no idea how they got there. There seem to be 3
different values - so how do I know which is the "correct" one, and
how does one go about correcting an entry that they never made in the
first place!


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.