Resetting DNS SOA Serial

From lathama

Resetting or moving the DNS SOA serial number to a lower number

To reset a DNS SOA serial number, there is a hack that is barely documented.

Remain Calm

  1. On the master or primary server, change the SOA serial number. The SOA serial number has a limit of 4,294,967,295. To trigger the reset of the SOA serial, you need to change your serial by half the range, or ~2,147,483,647; e.g. 2011051812 would become 4158535459, and a reload or restart would tell BIND to reset the serial.
  2. Wait... With the new serial numbers, all the zones are considered new, and this will take some time (5-15 minutes).
  3. Verify the zones on the secondary servers. All of them...
  4. On the primary server set the serial to your desired serial and reload
  5. Again, wait...
  6. Test and verify
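
The serial comparison that makes this procedure work is the wrap-around arithmetic of RFC 1982. The sketch below is an added example, not code from the original page: it plans which serials to publish, in order, so that every step looks newer to the secondaries. The function names and the target serial 2011010101 are constructed for illustration.

```python
"""Plan an SOA serial rollback using RFC 1982 serial number arithmetic."""

SERIAL_BITS = 32
MODULUS = 1 << SERIAL_BITS                 # serials live in 0..4,294,967,295
HALF = 1 << (SERIAL_BITS - 1)              # 2,147,483,648
MAX_STEP = HALF - 1                        # largest safe increment: 2,147,483,647


def serial_gt(a: int, b: int) -> bool:
    """True if a secondary holding serial b treats serial a as newer.

    A difference of exactly HALF is undefined in RFC 1982, so it is
    treated as "not newer" here to stay on the safe side.
    """
    return 0 < (a - b) % MODULUS < HALF


def plan_serial_reset(current: int, target: int) -> list[int]:
    """Return the serials to publish, in order, to move current -> target.

    Each entry must be loaded on the primary and confirmed on every
    secondary before the next one is published.
    """
    for value in (current, target):
        if not 0 <= value < MODULUS:
            raise ValueError(f"serial out of 32-bit range: {value}")

    steps = []
    serial = current
    # Hop forward by the maximum increment until the target counts as newer.
    while serial != target and not serial_gt(target, serial):
        serial = (serial + MAX_STEP) % MODULUS
        steps.append(serial)
    if serial != target:
        steps.append(target)
    return steps


if __name__ == "__main__":
    # Current serial from the page; the lower target is a constructed value.
    for step in plan_serial_reset(2011051812, 2011010101):
        print(step)
```

A target exactly one below the current serial needs two intermediate hops, because the first hop leaves it at the undefined half-range distance.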

Set up a lab so you can try this and learn the process. By switching your glue records with a registrar and querying for an unrelated sub-domain, you can effectively get out of TTL trouble.

