Skip to content

multiple DDNS zone updates fails when using serial-policy unixtime

Attempting to perform multiple dynamic DNS zone updates fail with serial-policy unixtime.

Please find below the attached example configuration and log outputs to reproduce this issue. This has been tested with knot 2.6.7 on Debian buster.

$ tail -n +1 /etc/knot/knot.conf /var/lib/knot/zones/example.org test.sh 
==> /etc/knot/knot.conf <==
server:
    listen: 0.0.0.0@53
    listen: ::@53
    user: knot:knot

log:
  - target: syslog
    any: info

acl:
  - id: example.org
    action: update

template:
  - id: default
    file: zones/%s
    semantic-checks: on
    serial-policy: unixtime

zone:
  - domain: example.org
    acl: [example.org]


==> /var/lib/knot/zones/example.org <==
example.org.    3600    SOA     ns1.example.org. hostmaster.example.org 1530570453 3600 1200 3628800 60
example.org.    3600    NS      ns1.example.org.
ns1             3600    A       127.0.0.1

==> test.sh <==
#! /bin/sh

cat << EOF | nsupdate
server localhost

update delete ip1.example.org.
update add ip1.example.org. 60 IN A 192.0.2.1

update delete ip2.example.org.
update add ip2.example.org. 60 IN A 192.0.2.2

update delete ip3.example.org.
update add ip3.example.org. 60 IN A 192.0.2.3

send
quit
EOF
$ systemctl start knot.service

Jul 05 00:33:52 hostname systemd[1]: Started Knot DNS server.
Jul 05 00:33:52 hostname knotd[22344]: info: Knot DNS 2.6.7 starting
Jul 05 00:33:52 hostname knotd[22344]: info: binding to interface 0.0.0.0@53
Jul 05 00:33:52 hostname knotd[22344]: info: binding to interface ::@53
Jul 05 00:33:52 hostname knotd[22344]: info: changing GID to 105
Jul 05 00:33:52 hostname knotd[22344]: info: changing UID to 103
Jul 05 00:33:52 hostname knotd[22344]: info: loading 1 zones
Jul 05 00:33:52 hostname knotd[22344]: info: [example.org.] zone will be loaded
Jul 05 00:33:52 hostname knotd[22344]: info: starting server
Jul 05 00:33:52 hostname knotd[22344]: info: [example.org.] loaded, serial 1530570453
Jul 05 00:33:52 hostname knotd[22344]: info: server started in the foreground, PID 22344
Jul 05 00:33:52 hostname knotd[22344]: info: control, binding to '/run/knot/knot.sock'
$ ./test.sh 
update failed: SERVFAIL

Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] DDNS, update finished, serial 1530570453 -> 1530743678, 0.09 seconds
Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] zone file updated, serial 1530570453 -> 1530743678
Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:34:38 hostname knotd[22344]: warning: [example.org.] updated serial is lower than current, serial 1530743678 -> 1530743678
Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] DDNS, finished, no changes to the zone were made
Jul 05 00:34:38 hostname knotd[22344]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:34:38 hostname knotd[22344]: warning: [example.org.] updated serial is lower than current, serial 1530743678 -> 1530743678
Jul 05 00:34:38 hostname knotd[22344]: warning: [example.org.] journal, duplicate changeset serial (1530743678), dropping older changesets
Jul 05 00:34:38 hostname knotd[22344]: notice: [example.org.] journal is full, flushing
Jul 05 00:34:38 hostname knotd[22344]: warning: [example.org.] journal, duplicate changeset serial (1530743678), dropping older changesets
Jul 05 00:34:38 hostname knotd[22344]: error: [example.org.] DDNS, processing failed (requested resource is busy)

I suspect the problem is that the updates happen much faster than one second and thus generate the same unix time stamp. Removing the "serial-policy: unixtime" line from the configuration makes the error go away:

Jul 05 00:58:19 hostname knotd[22379]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:58:19 hostname knotd[22379]: info: [example.org.] DDNS, update finished, serial 1530743678 -> 1530743679, 0.06 seconds
Jul 05 00:58:19 hostname knotd[22379]: info: [example.org.] zone file updated, serial 1530743678 -> 1530743679
Jul 05 00:58:19 hostname knotd[22379]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:58:20 hostname knotd[22379]: info: [example.org.] DDNS, update finished, serial 1530743679 -> 1530743680, 0.02 seconds
Jul 05 00:58:20 hostname knotd[22379]: info: [example.org.] zone file updated, serial 1530743679 -> 1530743680
Jul 05 00:58:20 hostname knotd[22379]: info: [example.org.] DDNS, processing 1 updates
Jul 05 00:58:20 hostname knotd[22379]: info: [example.org.] DDNS, update finished, serial 1530743680 -> 1530743681, 0.02 seconds
Jul 05 00:58:20 hostname knotd[22379]: info: [example.org.] zone file updated, serial 1530743680 -> 1530743681