2

I run a slave name server of a domain that I do not have full control over (i.e. changing the SOA is not possible). The SOA specifies an expiry time of one week. For various reasons, I’d like to override that value on my specific slave server to something larger. Is there a way to do that?

N.B: I know that for the refresh and retry fields, bind9 provides the options min-refresh-time, max-refresh-time, min-retry-time and max-retry-time to overrule the SOA, as mentioned in the documentation. For some reason this just does not include expiry.

masegaloeh
Joachim Breitner

2 Answers

8

After reading the code, I found a solution that seems to work. bind stores the time at which it thinks it last refreshed the zone as the modification time of the zone file. So

$ touch /var/cache/bind/domain.tld.db
$ rndc reload

will make it think it has just refreshed the domain. This trick works even in hindsight, i.e. after the link to the master servers is lost and the domain has already expired and the slave server has stopped answering requests.

Joachim Breitner
  • I confirm it works. This is awesome. I'm delighted by the simplicity of the solution. Thanks @joachim-breitner! – leucos Oct 09 '14 at 19:22
  • I had some networking issues that prevented my zone master from talking to remote slaves for an extended period of time. Running touch on the zone files did the trick for me to un-break things. Many thanks! – GeneBean Apr 25 '23 at 13:16
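
A monitoring check built on the answer above (an added example, not part of the original answer): it takes the zone file's modification time as the last refresh, as the answer describes, and estimates the seconds left before the slave expires the zone as mtime + SOA expire - now. The function names, the script name and the one-day warning threshold are assumptions, and the script relies on GNU stat.

```shell
#!/bin/sh
# Added example: estimate when a BIND slave zone will expire, assuming (per the
# answer) that the zone file's mtime records the time of the last refresh.

# Print the expire field (6th of 7) from one `dig +short SOA` answer line.
# Fails if the line is not a well-formed SOA answer.
soa_expire() {
    printf '%s\n' "$1" |
        awk 'NF >= 7 && $6 ~ /^[0-9]+$/ { print $6; ok = 1 } END { exit !ok }'
}

# Seconds left before expiry: mtime + expire - now (negative = already expired).
# $1 zone file, $2 expire in seconds, $3 current epoch time (optional).
expiry_remaining() {
    file=$1 expire=$2 now=${3:-$(date +%s)}
    mtime=$(stat -c %Y "$file") || return 2   # GNU stat
    echo $(( mtime + expire - now ))
}

# Classify a zone as OK, WARN (fewer than $4 seconds left) or EXPIRED.
zone_status() {
    remaining=$(expiry_remaining "$1" "$2" "$3") || return 2
    warn=${4:-86400}                          # assumed threshold: one day
    if [ "$remaining" -le 0 ]; then
        echo "EXPIRED $remaining"
    elif [ "$remaining" -lt "$warn" ]; then
        echo "WARN $remaining"
    else
        echo "OK $remaining"
    fi
}

# Usage (hypothetical script name):
#   check-expiry.sh /var/cache/bind/domain.tld.db domain.tld
if [ "$#" -eq 2 ]; then
    soa=$(dig +short SOA "$2") || exit 2
    expire=$(soa_expire "$soa") || { echo "no SOA answer for $2" >&2; exit 2; }
    zone_status "$1" "$expire"
fi
```

After a manual touch of the zone file this check reports time since the touch, not since the last successful transfer, so the served data may be older than the figure suggests.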
1

I don't think you can override expiration time. However, if one week out of sync is ok, maybe set it up as master, and sync it periodically with dig -t AXFR>db.zone and rndc reload.

Sandman4