Problem with mass change of TTL and Serial Number
Hi, I'm a newbie in this forum, but I saw a few topics about mass TTL and serial number changes, so I tried to do that myself, but there is a problem.
What I did:
1. Log on the server as root via SSH
2. cp -a /var/named/ /var/named-backup
3. cd /var/named
4. perl -pi.bak -e "s/14400/60/g" *.db
5. perl -pi.bak -e "s/86400/60/g" *.db
6. sed -i s/'[0-9]\{10\}'/`date +%Y%m%d%H`/ /var/named/*.db
7. rndc reload
8. service named restart
After that I checked a random .db file in /var/named. The file is for the domain domain.bg and everything looks good.
; cPanel first:11.34.0.11 (update_time):2014031309 Cpanel::ZoneFile::VERSION:1.3 hostname:schost1.serverdomain.com latest:11.36.0.11
; Zone file for domain.bg
$TTL 60
domain.bg. 60 IN SOA ns1-70-82.superdnsserver.net. manager.someotherdomain.com. (
2014031309 ;Serial Number
60 ;refresh
7200 ;retry
3600000 ;expire
60 ;minimum
)
domain.bg. 60 IN NS ns1-70-82.superdnsserver.net.
domain.bg. 60 IN NS ns2-70-82.superdnsserver.net.
domain.bg. 60 IN A 193.107.70.82
localhost 60 IN A 127.0.0.1
www 60 IN CNAME domain.bg.
ftp 60 IN A 193.107.70.82
cpanel 60 IN A 193.107.70.82
whm 60 IN A 193.107.70.82
webdisk 60 IN A 193.107.70.82
webmail 60 IN A 91.215.216.58
default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDX7bbaE6IP1yUcZ7f8NsQVzVB6DPUAoVwwysDMjJ2XA426RA1tSYLy60sjbgNS+DXjQYMLVh+LHP7u6PCMrQ8hfBEV7nxx09hI9DhM0NXnmnGt8CKoiWahkQcsvjRLFO5odvOnpqCWUfINHZ8AUC2D7bD9s7nSv9eD6zZh+T2yYwIDAQAB;"
crm 60 IN A 91.215.216.58
domain.bg 60 IN MX 0 mail.domain.bg.
mail 60 IN A 91.215.216.58

I also checked the DNS zone for this domain in WHM, and there everything looks good again (see the attachment). After all these checks I made a third check via the terminal on my computer and a few other computers, but there is a problem with the TTL. When I run "dig domain.bg" the result is not what I expect.
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> domain.bg
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21100
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;domain.bg. IN A
;; ANSWER SECTION:
balkanbeauty.bg. 14400 IN A 193.107.70.82
;; AUTHORITY SECTION:
domain.bg. 86400 IN NS ns2-70-82.superdnsserver.net.
domain.bg. 86400 IN NS ns1-70-82.superdnsserver.net.
;; ADDITIONAL SECTION:
ns1-70-82.superdnsserver.net. 636 IN A 193.107.70.82
ns2-70-82.superdnsserver.net. 636 IN A 193.107.70.82
;; Query time: 0 msec
;; SERVER: 195.191.148.254#53(195.191.148.254)
;; WHEN: Thu Mar 13 10:48:50 2014
;; MSG SIZE rcvd: 147

I thought my network might have a cache, so I checked from another of our servers, and the result is the same. After that I made a check from http://www.dnsqueries.com/en/domain_check.php and the result is the same. So where is the problem? I looked at these topics before the intervention: Also a few other topics from this forum and other forums.
Best regards,
Mirchev Ideas Team

Hi, I solved this problem and you can close this topic.
What I did:
1. Log on the server as root via SSH
2. cp -a /var/named/chroot/var/named/ /var/named/chroot/var/named-backup
3. cd /var/named/chroot/var/named/
4. perl -pi -e "s/14400/60/g" *.db
5. perl -pi -e "s/86400/60/g" *.db
6. sed -i s/'[0-9]\{10\}'/`date +%Y%m%d%H`/ *.db
7. rndc reload
8. service named restart
And now everything looks great :)
Best regards,
Mirchev Ideas Team

Hello :) I am happy to see that you were able to resolve the issue. Thank you for updating us with the outcome.

Hello,
Sorry for posting on this resolved topic. Just wanted to post an actual bash script that uses mirchevideas's method to change TTLs and serials on the local server + syncing with the DNS cluster using main_domain file from /var/cpanel/userdata/:

#!/bin/bash
now=$(date +"%m_%d_%Y_%H_%M")
echo "Making backup of DNS zones"
cp -R /var/named /var/named_bak_$now
sleep 2;
echo "Changing TTL values"
## These are our custom values. Everybody should change these values to fit their needs. If you have 86400, you should set the below settings accordingly.
## From 1800 -> 300; From 3600 -> 240
perl -pi -e "s/1800/300/g" /var/named/*.db
perl -pi -e "s/3600/240/g" /var/named/*.db
sleep 3;
echo "Changing zone serial date"
sed -i s/'[0-9]\{10\}'/`date +%Y%m%d%H`/ /var/named/*.db
sleep 3;
rndc reload
service named restart
sleep 3;
echo "Syncing modified zones to DNS Cluster"
grep -r 'main_domain:' /var/cpanel/userdata/ | awk '{print $2}' | sort | while read DOMLIST; do
  echo "Now syncing ${DOMLIST} zones..";
  /scripts/dnscluster synczone ${DOMLIST};
  sleep 2;
done
echo "All done! Just to be sure, please check values in the DNS Sync-only servers."

Thank you.
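
An added example, not part of any post in this thread: the `perl -pi -e "s/1800/300/g"` style substitution replaces those digits wherever they occur, so a serial or a DKIM key containing the same digits is rewritten too, and the `sed` serial stamp can set a serial lower than the current one. The sketch below changes only the `$TTL` directive and the TTL field directly before `IN`, and only ever moves the serial forward. `retune_zone`, `naive_retune` and the sample zone are constructed for illustration, and the code assumes the cPanel layout shown earlier (serial on the line after the SOA `(`).

```shell
#!/bin/sh
# Added example (not from the thread): field-aware TTL change and serial bump.

# Constructed sample zone in the cPanel layout shown above; all values are made up.
SAMPLE_ZONE='$TTL 1800
example.test. 1800 IN SOA ns1.example.test. admin.example.test. (
    2014031800 ;Serial Number
    3600 ;refresh
    7200 ;retry
    3600000 ;expire
    1800 ;minimum
    )
example.test. 1800 IN NS ns1.example.test.
www 1800 IN A 192.0.2.10
key._domainkey IN TXT "v=DKIM1; p=AAAA1800BBBB"'

# The blanket substitution used in the thread, for comparison: rewrites every match.
naive_retune() { sed "s/$1/$2/g"; }

# retune_zone OLD NEW [YYYYMMDD]  (hypothetical helper; zone on stdin, result on stdout)
retune_zone() {
  awk -v old="$1" -v new="$2" -v today="${3:-$(date +%Y%m%d)}" '
    # $TTL directive: change only when it carries the old value.
    /^\$TTL[ \t]/ && $2 == old { sub(/[0-9]+/, new) }
    # Serial (first number on the line after the SOA "("): never move backwards.
    want_serial && match($0, /[0-9]+/) {
      cur = substr($0, RSTART, RLENGTH); base = today "00"
      bumped = (base + 0 > cur + 0) ? base : sprintf("%.0f", cur + 1)
      $0 = substr($0, 1, RSTART - 1) bumped substr($0, RSTART + RLENGTH)
      want_serial = 0; print; next
    }
    # Record line: owner (may be empty), then a TTL token directly before class IN.
    match($0, /^[^; \t]*[ \t]+/) {
      p = RLENGTH; rest = substr($0, p + 1)
      if (match(rest, /^[0-9]+[ \t]+IN[ \t]/)) {
        match(rest, /^[0-9]+/)
        if (substr(rest, 1, RLENGTH) == old "")
          $0 = substr($0, 1, p) new substr(rest, RLENGTH + 1)
      }
    }
    /[ \t]SOA[ \t].*\([ \t]*$/ { want_serial = 1 }
    { print }
  '
}

printf '%s\n' "$SAMPLE_ZONE" | retune_zone 1800 300 20140318
```

SOA timers (refresh, retry, expire, minimum) are deliberately left untouched by `retune_zone`. Checking each rewritten file with `named-checkzone` before `rndc reload` catches a zone that no longer parses.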