BIND uses the SOA minimum instead of the record's explicit TTL on the SOA record on the slave server. This will prevent (for example), an attempt to delegate an IN-ADDR.ARPA. zone from APNIC, as the SOA records will not match on master and slave. Patch supplied by Mark Andrews of the ISC (works against 8.2.2P3 and 8.2.2P5, pity about the line wrapping in the web form): diff -u -r8.98 db_load.c --- src/bin/named/db_load.c 2000/02/21 21:27:41 8.98 +++ src/bin/named/db_load.c 2000/02/25 04:26:41 @@ -294,6 +294,7 @@ default_warn = 1; clev = nlabels(in_origin); filenames = NULL; + zp->z_minimum = USE_MINIMUM; } ttl = default_ttl; @@ -744,7 +746,7 @@ zp->z_minimum = 0; } else zp->z_minimum = n; - if (default_ttl == USE_MINIMUM) + if (ttl == USE_MINIMUM) ttl = n; n = cp - (char *)data; if (multiline) { @@ -752,6 +754,7 @@ buf[1] = '\0'; if (buf[0] != ')') ERRTO("SOA \")\""); + multiline = 0; endline(fp); } read_soa++; @@ -973,7 +981,10 @@ case ns_t_cert: case ns_t_sig: { char *errmsg = NULL; - int ret = parse_sec_rdata(buf, sizeof(buf), 0, + int ret; + if (ttl == USE_MINIMUM) /* no ttl set */ + ttl = 0; + ret = parse_sec_rdata(buf, sizeof(buf), 0, data, sizeof(data), fp, zp, domain, ttl, type, domain_ctx, @@ -1024,6 +1035,8 @@ zp->z_origin); continue; } + if (ttl == USE_MINIMUM) /* no ttl set */ + ttl = 0; dp = savedata(class, type, (u_int32_t)ttl, (u_char *)data, (int)n); dp->d_zone = zp - zones;
Thanks, fixed.
Commit pushed to master at https://github.com/openshift/openshift-ansible https://github.com/openshift/openshift-ansible/commit/60640eac06a87a69e0858c8f8ecebdc3feb6c265 issue #9820