We use Validns for exactly that purpose: http://www.validns.net
Brett On Tue, 9 Feb 2021 at 18:56, Wessels, Duane via dns-operations <dns-operati...@dns-oarc.net> wrote: > > > > > ---------- Forwarded message ---------- > From: "Wessels, Duane" <dwess...@verisign.com> > To: Matthew Richardson <matthe...@itconsult.co.uk> > Cc: "dns-operati...@dns-oarc.net" <dns-operati...@dns-oarc.net> > Bcc: > Date: Tue, 9 Feb 2021 18:53:33 +0000 > Subject: Re: [dns-operations] anybody awake over at comcast.net? > > > > On Feb 9, 2021, at 9:58 AM, Matthew Richardson <matthe...@itconsult.co.uk> > > wrote: > > > > On Tue, 9 Feb 2021 16:43:20 +0000, Duane Wessels wrote:- > > > >> If you use Nagios or something compatible, there is this: > >> > >> http://secure-web.cisco.com/1ZWcEZ_A3D0HVUDh0W30HiqK06_fxVH7k6Y8MQ0xEkq1R7DisrP18NBN1e4yKETi4R0R3tKtYvbgbceXgcgJ9C21mjdIL9Y0Pi_Vi2A0Bec1tUqiBtCl2wuBuf4RT9Knwd995i-JtjkwjqGTjcDaMcEBN2Wd3J0kKflgMjk2Quq2zjxyDzHe1onv98qw0k-KwnjHmEXxC0KV139PzFEJNQuXFh0FvDW6UESHUbtewefOJN2wnn7lvU7iwPnTztW2X_FiaYT56yvFT9z4BFBcAwg/http%3A%2F%2Fdns.measurement-factory.com%2Ftools%2Fnagios-plugins%2Fcheck_zone_rrsig_expiration.html > >> > >> But it only checks one RR (default SOA) since it doesn't assume access to > >> the whole zone. > >> That would be a good upgrade, though, to have it axfr the zone and check > >> everything. > > > > Are there any existing tools which would take a whole zonefile and check > > the expirations? In a similar way to (for example) dnssec-verify from > > Bind. > > > YAZVS: Yet Another Zone Validation Script > > https://github.com/verisign/yazvs > > It is designed to also show changes between a new and current zone, but you > can skip that part with the -x option. > > DW > > > > > > ---------- Forwarded message ---------- > From: "Wessels, Duane via dns-operations" <dns-operati...@dns-oarc.net> > To: Matthew Richardson <matthe...@itconsult.co.uk> > Cc: "dns-operati...@dns-oarc.net" <dns-operati...@dns-oarc.net> > Bcc: > Date: Tue, 9 Feb 2021 18:53:33 +0000 > Subject: Re: [dns-operations] anybody awake over at comcast.net? > _______________________________________________ > dns-operations mailing list > dns-operations@lists.dns-oarc.net > https://lists.dns-oarc.net/mailman/listinfo/dns-operations _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
