Problem: It is hard to intercept and modify search operation.Any additional requirements or changes discovered during the implementation phase. New version of bind-dyndb-ldap the new 389 DS plugin. Zone serial should be incremented after each change.
The only real requirement is that when encoded as a 32-bit integer, the SOA RR serial number field must be incremented when you want slave servers to initiate a zone transfer following either refresh SOA queries or NOTIFY messages from the master.
Short overview of the problem set and any back ground material or references one would need to understand the details. If the value of sn from the master DNS SOA is the same or LOWER then no zone transfer is initiated.
Correct serial number is a requirement for functional zone tranfers.
Corrent zone transfers from IPA to non-IPA DNS server are impossible if zone serial number is not incremented after each change.
Any reasonable zonefile editor will increase the serial number automagically.
Also, the serial number is a useful debugging tool for the DNS admin, by comparing the number retrieved from a resolver with the number in the zonefile, the admin can rule out (or find) DNS caching as source of a problem.
Googling around for answers, I found the following explanation: Serial numbers in DNS zone files provide a way for the server to verify that the contents of a particular zone file are up-to-date.
If the serial number in a zone file hasn't changed since that zone was last loaded, named figures that it can ignore the file.
If the sn value from the master is arithmetically HIGHER than that currently stored by the slave then a zone transfer (AXFR/IXFR) is initiated.