North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: updating & checking DNS zone files

  • From: Jeroen Massar
  • Date: Sun Jul 06 15:45:30 2008
Jay R. Ashworth wrote:
On Sat, Jul 05, 2008 at 04:07:28PM -0500, [email protected] wrote: 
Apart from using Bernstein's tinydns, anyone have any scripts
for looking for problems in zone files or for incrementing the
serial number reliably?


Well, all my networks are tiny, and I've only recently started having
to stir DNS zones again, but named-checkconf seems to give good hints.

There are also some public-facing things at domtools.com, and of course
dnsreport.com... but I see DNSreport went for-pay.

http://www.ZoneCheck.fr

Of course not one is the full-check, thus you'll have to combine a couple of them or write your own check.

I (well the script ;) also check the delegations from the root down and verify that all the nameservers in that tree think that they are the same SOA-wise and delegation-wise. You'll be astonished how often things break up in the tree that can cause rather odd and not easily found failures otherwise.

Greets,
 Jeroen

Attachment: signature.asc
Description: OpenPGP digital signature