Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
>
> unfortunately this happens when you decide to mirror root zone and it fails.
>
> you should use more primary servers when possible and change root zone
> type from secondary to hint if it fails.
In this particular case, adding more primaries would not have helped
because the firewall that caused the breakage would have broken every
primary.
I have a little monitoring cron job to avoid this kind of problem.
(You'll need to adjust the paths for your setup.)
#!/usr/bin/perl
use warnings;
use strict;
my $type = '';
for (qx(named-checkconf -px)) {
$type = $1 if m{^\s*type\s+(\w+);$};
next unless $type eq "slave"
and m{^\s*file\s+"\.\./zone/(.*)";$};
my $zone = $1;
my $file = "/home/named/zone/$1";
next if -f $file and 1 > -M $file;
print "stale zone $zone\n";
}
> Note that rarely someone needs to have local copy of the root zone.
Yes.
> If you use cisco routers, ask network admins to disable any DNS "fixup"
> functionality, because that usually causes problems.
In my experience all Cisco PIX/ASA fuxup options are horribly broken and
should be turned off.
Tony.
--
f.anthony.n.finch <d...@dotat.at> http://dotat.at/
Shannon: South or southwest 6 to gale 8, increasing severe gale 9 or storm 10
for a time. Very rough at first in east, otherwise high or very high. Rain or
showers. Good, occasionally poor.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
