Jay R. Ashworth wrote:
On Sat, Jul 05, 2008 at 04:07:28PM -0500, travis+ml-nanog@subspacefield.org wrote:
Apart from using Bernstein's tinydns, anyone have any scripts for looking for problems in zone files or for incrementing the serial number reliably?
Well, all my networks are tiny, and I've only recently started having to stir DNS zones again, but named-checkconf seems to give good hints.
There are also some public-facing things at domtools.com, and of course dnsreport.com... but I see DNSreport went for-pay.
http://www.ZoneCheck.fr Of course not one is the full-check, thus you'll have to combine a couple of them or write your own check. I (well the script ;) also check the delegations from the root down and verify that all the nameservers in that tree think that they are the same SOA-wise and delegation-wise. You'll be astonished how often things break up in the tree that can cause rather odd and not easily found failures otherwise. Greets, Jeroen