-----Original Message----- From: Tony Finch <d...@dotat.at> Date: Wednesday, September 4, 2013 4:50 AM To: Mike Hoskins <micho...@cisco.com> Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org> Subject: Re: detect if zone/s is frozen
>Mike Hoskins (michoski) <micho...@cisco.com> wrote: >> /dev/rob0 <r...@gmx.co.uk> wrote: >> > >> >I would suggest that if you're making much use of rndc freeze, YDIW. >> >Consider using nsupdate(8) to make your changes. >> >> True, but I just setup two new networks where the tenants wanted exactly >> this capability...so use cases exist. [...] >> >> Failing an easy monitoring solution (I don't see anything in terms of >>rndc >> options, or old/new stats output), you might consider creating a wrapper >> that does the rndc freeze/vi/update serial to mtime/rndc thaw and post >>it >> clearly in /etc/motd. Not perfect, but would mostly work except when >>you >> get distracted in the middle of the vi session. :-) > >Better option: use nsdiff, which calculates the differences between the >live version of your zone and a master file that you edit, and turns the >result into an nsupdate script. > >http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/conf/bind/bin/nsdiff Thanks for the pointer... Also, I guess I overlooked the obvious? If you nsupdate while a zone is frozen it looks like the update is refused vs silenty queued (nsupdate exists non-zero)...so a nagios/whatever monitor could be written that periodically updates a test record within the zone and complains on failure. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
