BIND problem

Barry Margolin barmar at genuity.net
Mon Aug 6 19:55:04 UTC 2001


In article <9kffu8$402 at pub3.rc.vix.com>,  <Mark.Andrews at nominum.com> wrote:
>> In the real world, most DNS administrators don't even check the log for
>> error messages, let alone do a dig to see if the results look like what
>> they typed.  If we didn't check things on our secondary servers, most of
>> our customers would never know when they messed up their primaries.  And
>> our customers are primarily Fortune 1000, universities, and government
>> agencies.
>
>	I just used "find /var/named/cache -type f -mtime +3" to catch this
>	sort of error.  Very few refresh timers are > 1 day and this allows
>	an error on Friday to be found Monday and be fixed without hitting
>	the radar on the secondary.

I used to do something like that, but used "-mtime +0".  Now I read the
Refresh and Retry values out of the zone file, and report on any zone files
that are more than max(6 hours, Refresh+2*Retry) out of date.  I run this
script from cron several times a day.

This is what I meant by "If we didn't check things on our secondary
servers".  The customers are obviously oblivious to the errors at their end
until we notify them because of our monitoring.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
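
The check described in the post above, sketched as an added example; this is not the poster's script, which does not appear on the page. It assumes secondary zone files are stored in text format and that a file's mtime tracks its last successful refresh, as the find command quoted in the thread relies on; all function names and the sample zone are hypothetical.

```python
import os
import re
import time

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}  # BIND suffixes
SIX_HOURS = 6 * 3600
# Constructed sample zone, used only to exercise the parser.
SAMPLE_ZONE = """$TTL 1d
@ IN SOA ns1.example.com. hostmaster.example.com. (
        2001080601 3h 1h  ; serial, refresh, retry
        1w 1d )           ; expire, minimum
"""

def to_seconds(value):
    """Convert '10800', '3h' or '1h30m' to seconds."""
    if not re.fullmatch(r"(\d+[smhdw]?)+", value, re.I):
        raise ValueError("bad time value: %r" % value)
    return sum(int(n) * UNITS.get(u.lower(), 1)
               for n, u in re.findall(r"(\d+)([smhdw]?)", value, re.I))

def parse_soa_timers(zone_text):
    """Return (refresh, retry) in seconds from the zone's SOA record."""
    # Strip ';' comments, then flatten the parenthesised multi-line record.
    text = " ".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    tokens = text.replace("(", " ").replace(")", " ").split()
    i = [t.upper() for t in tokens].index("SOA")  # ValueError if absent
    # Fields after SOA: mname rname serial refresh retry expire minimum
    return to_seconds(tokens[i + 4]), to_seconds(tokens[i + 5])

def staleness_limit(refresh, retry):
    return max(SIX_HOURS, refresh + 2 * retry)  # threshold from the post

def stale_zones(directory, now=None):
    """Return [(name, age, limit)] for zone files older than their limit."""
    now = time.time() if now is None else now
    report = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            continue
        try:
            with open(path, errors="replace") as fh:
                limit = staleness_limit(*parse_soa_timers(fh.read()))
        except (ValueError, IndexError):
            limit = SIX_HOURS  # unparsable: fall back to the 6-hour floor
        age = int(now - os.path.getmtime(path))
        if age > limit:
            report.append((name, age, limit))
    return report
```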

