Hi Jon,
This is not normally an issue, because the "normal" way to set up DNS is
to set up a single "primary" server, and make the other servers be
"secondary" servers. The secondary servers automatically get their DNS
zone files from the primary, and therefore there should be no chance
(except, temporarily, while waiting for an update to occur) of the
serial numbers not matching.
So I find myself wondering how yours is set up?
The WHOIS for Partner400.com shows these servers:
NS2.MYDOMAIN.COM
NS3.MYDOMAIN.COM
NS4.MYDOMAIN.COM
NS1.MYDOMAIN.COM
NS1.AFRAID.ORG
NS2.AFRAID.ORG
So you have 6 DNS servers, and 4 of them are hosted on MYDOMAIN.COM, and
2 are hosted on AFRAID.ORG. The problem seems to be that they disagree
on what your DNS information is.
I look up the SOA record on any of the 4 MYDOMAIN.COM servers, it shows
this:
> partner400.com
Server: ns3.mydomain.com
Address: 64.94.117.197#53
partner400.com
origin = ns1.mydomain.com
mail addr = hostmaster.partner400.com
serial = 2012011508
refresh = 16384
retry = 2048
expire = 1048576
minimum = 2560
So this tells me that the primary/master for Partner400.com is
ns1.mydomain.com, the serial number is 2012011508 (it appears that, like
me, they use the date & a sequence number for the serial number... good
idea!) and that if I have any questions, I should contact
hostmaster@xxxxxxxxxxxxxx.
But when I query the two AFRAID.ORG servers, I get this:
> partner400.com
Server: ns2.afraid.org
Address: 174.37.196.55#53
partner400.com
origin = ns1.afraid.org
mail addr = dnsadmin.afraid.org
serial = 1110170005
refresh = 86400
retry = 7200
expire = 2419200
minimum = 3600
Total disagreement here.. afraid.org thinks that ns1.afraid.org is the
primary server, the serial number is in a different format (possibly a
6-digit date.. and if so, it hasn't been updated since October, so is
much older than the MYDOMAIN one) and indeed several of the other values
are different as well. If I want information, I can contact
dnsadmin@xxxxxxxxxx
Any software that compares the servers will assume that the MYDOMAIN.COM
ones are up-to-date, and the AFRAID.ORG ones are in error, because their
serial numbers are lower. (But, most software only looks at one server
at a time, so won't make that comparison.)
My best guess is that you are contracting with two different companies
to provide your DNS service? And, both think they are the sole provider
for partner400.com?
If that's the case, then you should do one of two things:
a) Contact AFRAID.ORG and ask them to only provide secondary DNS, tell
them the primary is hosted elsewhere. Get them to automatically sync
with MYDOMAIN.COM (And get MYDOMAIN.COM to allow zone transfers from
AFRAID.ORG).
This would solve your problem, but, IMHO, it's overkill.
b) Discontinue one of the services. Frankly, you don't need 6 DNS
servers on two different companies. Discontinue one of them, and save
yourself some money.
Happy birthday, by the way.
On 1/15/2012 11:56 AM, Jon Paris wrote:
IntoDNS.com is reporting that I have non-matching SOA serial numbers
listed on different DNS servers and that I should fix this.
Here's the problem - when I set up the DNS I did not enter these
values and have no idea how they got there. There seem to be 3
different values - so how do I know which is the "correct" one, and
how does one go about correcting an entry that they never made in the
first place!
midrange.com
