And I finally gotten enough cycles to write a script to do this and released it
on Google Code ( https://code.google.com/p/dns-slave-expire-checker/ ). It is
very simple, but if folk find it useful I can add additional functionality...
It is a simple Python program:
./dns_expire_checker.py -r
I review the BIND syslogs on my servers daily. The syslog will
tell me if any slave is having problems loading a zone.
I expect that the hostmasters at my off-site slaves do the same.
If I slave a zone for someone else, and I see problems, I contact
the owner of that zone.
--
On May 6, 2011, at 11:16 AM, John Wobus wrote:
> I try to catch zones that are not updating on the slaves
> to which I have access. I compare the modtime of the zone
> file with the current time and the refresh interval
> for the zone. Typically I allow a failure or two
> before alerting, e.g.
I try to catch zones that are not updating on the slaves
to which I have access. I compare the modtime of the zone
file with the current time and the refresh interval
for the zone. Typically I allow a failure or two
before alerting, e.g. wait 1 refresh + 2 retry intervals.
If the expire interval
On 05/05/2011 04:35, Chris Thompson wrote:
On May 4 2011, Doug Barton wrote:
On 05/04/2011 01:22, hugo hugoo wrote:
So..no way to check that a zone is expired?
You're asking the wrong question. The correct question is, "How can I
make sure that a zone is up to date on all of the slaves?" You
On May 4 2011, Doug Barton wrote:
On 05/04/2011 01:22, hugo hugoo wrote:
So..no way to check that a zone is expired?
You're asking the wrong question. The correct question is, "How can I
make sure that a zone is up to date on all of the slaves?" You do that
by querying the SOA record for th
On 5/4/11 10:22 AM, hugo hugoo wrote:
>
> So..no way to check that a zone is expired?
Hello Hugo,
I recently wrote a small script which mails me about any zones that is due to
expire within the next 24 hours. This works by using the last change time of
the file on disk and the SOA expiry time
2011/5/5 Doug Barton :
> On 05/04/2011 01:22, hugo hugoo wrote:
>>
>> So..no way to check that a zone is expired?
>
> You're asking the wrong question. The correct question is, "How can I make
> sure that a zone is up to date on all of the slaves?" You do that by
> querying the SOA record for the z
On 05/04/2011 01:22, hugo hugoo wrote:
So..no way to check that a zone is expired?
You're asking the wrong question. The correct question is, "How can I
make sure that a zone is up to date on all of the slaves?" You do that
by querying the SOA record for the zone on each slave and compare the
a...@eurid.eu
To: hugo...@hotmail.com; bind-users@lists.isc.org
Subject: RE: how to check if a slave zone is expired
Date: Wed, 4 May 2011 09:58:22 +0200
Hugo,
“zones” don’t “expire”, like DNSSEC RRSIG with their “end of validity time
stamp”.
At worst, a slave name server is unable to verif
) signal this (Bind does).
Hope this helps.
Kind regards,
Marc Lampo
Security Officer
EURid vzw/asbl
From: hugo hugoo [mailto:hugo...@hotmail.com]
Sent: 04 May 2011 09:56 AM
To: marc.la...@eurid.eu; bind-users@lists.isc.org
Subject: RE: how to check if a slave zone is expired
Marc
Marc,
This example was maybe not the best one.
My questions remains as other zones are well unavailable on all name servers.
Regards,
Hugo,
From: marc.la...@eurid.eu
To: hugo...@hotmail.com; bind-users@lists.isc.org
Subject: RE: how to check if a slave zone is expired
Date: Wed, 4 May
Hugo,
This must be a configuration error on "ns2.skynet.be."
The other 3 authoritative name servers answer fine, for omega-pharma.be;
ns2.skynet.be. returns the list of root name servers, meaning it isn't
configured to be slave for that domain.
Contact Skynet/Belgacom helpdesk to get this
Method 1: Compare the timestamp on the slave zone file with the system's
current date. Compare that difference with the expire timer in the SOA record
in the same zone file. If the difference is greater than the expire timer, then
the zone is expired.
Method 2: Check the logs.
Chris Buxton
Blu
14 matches
Mail list logo
