updating & checking DNS zone files

Apart from using Bernstein's tinydns, anyone have any scripts
for looking for problems in zone files or for incrementing the
serial number reliably?

BTW: OpenBSD packages for djbdns & others are on my web page

travis+ml-nanog@subspacefield.org writes:

> Apart from using Bernstein's tinydns, anyone have any scripts
> for looking for problems in zone files or for incrementing the
> serial number reliably?

If you are using BIND, your problem is solved by DDNS and nsupdate.
This has the added advantage of making it significantly more difficult
for the new dns guy (or a buggy script) to take out your nameserver.

Quoting travis+ml-nanog@subspacefield.org:

> Apart from using Bernstein's tinydns, anyone have any scripts
> for looking for problems in zone files or for incrementing the
> serial number reliably?

Check out BIND's named-checkzone and named-compilezone, depending on exactly what you are looking for. There are a number of command line parameters for fine tuning what you care about, and you can use the return value to determine if the zone is valid or not.

As for the serial number, that is some simple scripting depending on what value you use for the serial number.

-- Jason


For incrementing your zone's serial number, I usually include zsu to whatever editor I am using. It doesn't check the zone though. You can use the aforementioned named-checkzone, etc. for that.

Paul
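
Added example, not part of the original thread: one way to script what the replies above describe, bumping the SOA serial and letting named-checkzone's exit status decide whether the edited file replaces the live one. It assumes the common YYYYMMDDNN serial convention and a plain-text BIND zone file; the function names and the sample zone are constructed for illustration.

```python
import os, re, shutil, subprocess, tempfile
from datetime import date

# Serial = first number after "SOA <mname> <rname>", with or without "(".
SOA_SERIAL = re.compile(r"(\bSOA\s+\S+\s+\S+\s*\(?\s*)(\d+)", re.IGNORECASE)

def next_serial(current, today):
    """Next YYYYMMDDNN serial that is strictly greater than the current one."""
    base = int(today.strftime("%Y%m%d")) * 100
    # Already at/after today's base (many edits, future date): keep counting up.
    new = max(base, current + 1)
    if new > 0xFFFFFFFF:
        raise ValueError("serial does not fit in 32 bits")
    return new

def bump_text(text, today):
    """Return (new zone text, new serial); only the serial digits change."""
    m = SOA_SERIAL.search(text)
    if m is None:
        raise ValueError("no SOA serial found")
    new = next_serial(int(m.group(2)), today)
    return text[:m.start(2)] + str(new) + text[m.end(2):], new

def zone_is_valid(origin, path):
    """named-checkzone's verdict from its exit status; None if not installed."""
    exe = shutil.which("named-checkzone")
    if exe is None:
        return None
    return subprocess.run([exe, origin, path], capture_output=True).returncode == 0

def bump_file(origin, path, today=None):
    """Bump the serial, check a temp copy, then atomically replace the zone."""
    with open(path) as fh:
        new_text, serial = bump_text(fh.read(), today or date.today())
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        fh.write(new_text)
    shutil.copymode(path, tmp)  # mkstemp creates 0600; keep named's read access
    if zone_is_valid(origin, tmp) is False:
        os.unlink(tmp)
        raise ValueError("named-checkzone rejected the edited zone")
    os.replace(tmp, path)
    return serial

# Constructed sample zone (example.com / example.net are documentation names).
SAMPLE_ZONE = """$TTL 3600
@   IN SOA ns1.example.net. hostmaster.example.com. (
       2024010101 7200 3600 1209600 3600 )
    IN NS  ns1.example.net.
"""
```

Because the check runs against a temporary copy and the swap is a rename, a rejected edit never reaches the file the nameserver loads.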

Well, all my networks are tiny, and I've only recently started having
to stir DNS zones again, but named-checkconf seems to give good hints.

There are also some public-facing things at domtools.com, and of course
dnsreport.com... but I see DNSreport went for-pay.

Cheers,
-- jra

jra@baylink.com ("Jay R. Ashworth") writes:

Jay R. Ashworth wrote:

> > Apart from using Bernstein's tinydns, anyone have any scripts
> > for looking for problems in zone files or for incrementing the
> > serial number reliably?
>
> Well, all my networks are tiny, and I've only recently started having
> to stir DNS zones again, but named-checkconf seems to give good hints.
>
> There are also some public-facing things at domtools.com, and of course
> dnsreport.com... but I see DNSreport went for-pay.

http://www.ZoneCheck.fr

Of course not one is the full-check, thus you'll have to combine a couple of them or write your own check.

I (well the script ;) also check the delegations from the root down and verify that all the nameservers in that tree think that they are the same SOA-wise and delegation-wise. You'll be astonished how often things break up in the tree that can cause rather odd and not easily found failures otherwise.

Greets,
  Jeroen

a message of 41 lines which said:

> For incrementing your zone's serial number, I usually include zsu

Do you work for the Russian army
<http://en.wikipedia.org/wiki/ZSU-57-2>, which seems to win the Google
race for "ZSU" or is it <http://www.dns.net/dist/zsu/>?

Yes, they talk about those things on mailing lists concerned with DNS.

(hint: not this one)