BIND 9: External: zone serial has gone backwards Error And Solution

by Mr. DNS on October 25, 2009

in Q & A

I see the following error in my /var/log/messages file on a Linux system running a BIND 9 master name server:

May 25 15:43:29 ns1 named[11794]: general: info: loading configuration from '/etc/named.conf'
May 25 15:43:29 ns1 named[11794]: general: info: using default UDP/IPv4 port range: [1024, 65535]
May 25 15:43:29 ns1 named[11794]: general: info: using default UDP/IPv6 port range: [1024, 65535]
May 25 15:43:29 ns1 named[11794]: general: error: the working directory is not writable
May 25 15:43:29 ns1 named[11794]: general: error: zone example.org/IN/external: zone serial has gone backwards
May 25 15:43:29 ns1 named[11794]: general: info: zone example.org/IN/external: loaded serial 2008090814
May 25 15:43:29 ns1 named[11794]: notify: info: zone example.org/IN/external: sending notifies (serial 2008090814)

How do I fix this problem on a BIND 9 named server?

This error means the serial number in the zone file is lower than the serial named already had loaded for the zone. You must increment the zone serial number every time you change the zone; if you decrement it, you get this error. In this example, the zone serial number is set to 2008090816:

$ORIGIN example.org.
$TTL 3h
@       IN      SOA     ns1.example.org.       admin.example.org. (
                        2008090816      ; Serial yyyymmddnn
                        3h              ; Refresh after 3 hours
                        1h              ; Retry after 1 hour
                        1w              ; Expire after 1 week
                        1h)             ; Minimum negative caching of 1 hour
; Name servers for example.org
@                       86400   IN      NS      ns1.example.org.
@                       86400   IN      NS      ns2.example.org.
@                       86400   IN      NS      ns3.example.org.

Whenever you change the zone file, increase the zone serial number by one, i.e. change 2008090816 to 2008090817 (not to 2008090815). Save and close the file. Finally, reload named as follows:
rndc reload && tail -f /var/log/messages
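
A pre-reload check for the rule above, as an added example that is not part of the original post: it reads the serial from the zone file and refuses to proceed unless that serial is ahead of the one currently served, compared with RFC 1982 serial number arithmetic (the wrap-around comparison DNS uses for SOA serials). The function names, the zone file path placeholder and the dig query against 127.0.0.1 are assumptions.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of BIND.

# Print the SOA serial from a zone file: the third field after the SOA keyword.
zone_serial() {
    awk '
        { sub(/;.*/, ""); gsub(/[()]/, " ") }   # drop comments and parentheses
        seen || toupper($0) ~ /[ \t]SOA[ \t]/ { seen = 1; buf = buf " " $0 }
        END {
            n = split(buf, f, " ")
            for (i = 1; i <= n; i++)
                if (toupper(f[i]) == "SOA") { print f[i + 3]; exit }
        }' "$1"
}

# RFC 1982: NEW is ahead of OLD if 0 < (NEW - OLD) mod 2^32 < 2^31.
serial_newer() {
    diff=$(( ($1 - $2) & 4294967295 ))
    [ "$diff" -ne 0 ] && [ "$diff" -lt 2147483648 ]
}

# safe_to_reload ZONEFILE SERVED_SERIAL: succeed only if the file moves forward.
safe_to_reload() {
    new=$(zone_serial "$1")
    [ -n "$new" ] || { echo "no SOA serial found in $1" >&2; return 1; }
    if serial_newer "$new" "$2"; then
        echo "ok: serial $2 -> $new"
    else
        echo "refusing: file serial $new is not ahead of served serial $2" >&2
        return 1
    fi
}

# Real use (assumed path and server address; with views, query an address
# that is answered from the view you are editing):
#   served=$(dig +short SOA example.org @127.0.0.1 | awk '{print $3}')
#   safe_to_reload /path/to/zonefile "$served" && rndc reload

# Constructed demo with the SOA from the post (file serial 2008090816).
demo=$(mktemp)
printf '%s\n' '@ IN SOA ns1.example.org. admin.example.org.(' \
    '    2008090816 ; Serial yyyymmddnn' '    3h 1h 1w 1h)' > "$demo"
safe_to_reload "$demo" 2008090815           # ok: file is ahead
safe_to_reload "$demo" 2008090817 || true   # refused: file went backwards
rm -f "$demo"
```

Because the comparison wraps at 2^32, a serial that looks numerically smaller can still count as newer once the counter has rolled over, which a plain less-than test would misreport.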
