If there is something I always forget, it is to update serial numbers of DNS zones.

Serial numbers is the only source used for zones transfers, so if you forget to update them, the secondary NS will keep serving the old zone.
When you use a fancy DNS server, which has a database backend for intance, it can compute the serial number automatically (which is usually in the YYYYMMDDxx format). In my case, it is much simpler to rely on BIND-style zone files.

My first solution was adding at the top of my zone files:


However, it still required me to update the serial number manually, which is pretty annoying.

Then I discovered the dnstouch tool from ndu (that tool does not require BIND). When you run it on a zone file, it updates the serial number with the current date, and even handles the last two digits (a simple counter).

This inspired me to automate even the part of starting dnstouch. Now, I simply run make and the serial numbers are updated, only if required.

Here is the Makefile:

.SUFFIXES: .zone .zonetouch
zones := $(patsubst %.zone,%.zonetouch,$(wildcard *.zone))
all: $(zones)
	dnstouch $< && touch -r $< $@

What does it do:

  • Declare that *.zone and *.zonetouch are generic actions
  • Find out what the *.zone files are, and deduce the .zonetouch files that should be updated or generated
  • Declare the default action is to generate all the .zonetouch files
  • Declare the action to generate a .zonetouch file from a .zone file. If the .zonetouch is outdated, the commands will be ran. If not, make runs dnstouch, and then creates or updates the .zonetouch file, with the same modification time.
