-----Original Message----- From: Mark Pettit <pet...@yahoo-inc.com> Date: Monday, May 21, 2012 3:53 PM To: Microsoft Office User <micho...@cisco.com> Cc: Barry Margolin <bar...@alum.mit.edu>, "comp-protocols-dns-b...@isc.org" <comp-protocols-dns-b...@isc.org> Subject: Re: Checking for zone expiration?
>On May 21, 2012, at 2:02 PM, Mike Hoskins wrote: > >> as usual there is more than one way to skin a cat... another >> network-based way that doesn't involve local mtime checks would be >> querying the master soa from your monitoring host, and then hitting each >> slave on port 8080 (or whatever) via statistics-channels (if you enable >> it) as mentioned earlier on the list. the statistics view returns xml >>you >> can parse which includes the zones and serials for each zone in each >>view >> on the slave. > >I have not tried this, so pardon me if I misunderstand, but getting the >zones and serials from each zone on a slave does not help you determine >if a zone is about to expire. > >If a zone doesn't change for two years, the serial will never change. >But the refresh timer will expire over and over, and each time the zone >must be refreshed. The only guaranteed way I know of to determine >whether or not it's been refreshed is to check the mtime on the zone file >on the slave. *sigh* thanks for the stupidity catch, i jumped the gun -- just enabled statistics-channels and trying to find more uses for it! ;-) maybe this could be a feature in a future bind release (per-zone expiration timer in statistics output). we generally always work to move anything we can from local/shell-based checks to network queries. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
