Script for verifying zone files

Casey Deccio casey at deccio.net
Thu Jul 22 17:21:01 UTC 2010


On Thu, Jul 22, 2010 at 10:01 AM, Atkins, Brian (GD/VA-NSOC)
<Brian.Atkins2 at va.gov> wrote:
>
> Several people suggested looking at named-checkzone, but my goal is to compare an edited version of the zone file against the active zone file.
>

If you're just looking at changes, try something like:

named-checkzone -D -o zone1-canonical.txt example.com zone1.txt
named-checkzone -D -o zone2-canonical.txt example.com zone2.txt
diff -u zone{1,2}-canonical.txt

>
> The named-checkzone program, to my understanding, merely checks for syntax and doesn't do anything with actual verification of the records.
>

From 'man named-checkzone':

"[named-checkzone] performs the same checks as named does when loading
a zone.... [named-compilezone] applies stricter check levels by
default, since the dump output will be used as an actual zone file
loaded by named."

See options in the man page for checks that are done by default (e.g.,
-i, -k, -m, etc.)

Regards,
Casey
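
A record-level comparison of the two canonical dumps produced by the commands above, as an added example that is not part of the original post. It assumes the default full dump style (one record per line), uses constructed sample records and hypothetical function names, and also flags edits made without raising the SOA serial.

```python
# Added example: record-level comparison of two `named-checkzone -D` dumps.
from collections import namedtuple

Change = namedtuple("Change", "kind owner rtype detail")

# Constructed sample dumps: owner, TTL, class, type, rdata, one record per line.
ACTIVE = """\
example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 2010072201 3600 900 604800 86400
example.com. 3600 IN NS ns1.example.com.
example.com. 3600 IN MX 10 mail.example.com.
www.example.com. 3600 IN A 192.0.2.10
"""
EDITED = """\
example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 2010072201 3600 900 604800 86400
example.com. 3600 IN NS ns1.example.com.
example.com. 300 IN MX 10 mail.example.com.
www.example.com. 3600 IN A 192.0.2.20
ftp.example.com. 3600 IN CNAME www.example.com.
"""

def parse_dump(text):
    """Return ({(owner, type, rdata): ttl}, (soa_owner, serial) or None)."""
    records, soa = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith(";"):
            continue
        owner, ttl, _cls, rtype, rdata = line.split(None, 4)
        owner, rtype = owner.lower(), rtype.upper()
        if rtype == "SOA":
            fields = rdata.split()
            soa = (owner, int(fields[2]))
            fields[2] = "<serial>"  # compare the serial separately
            rdata = " ".join(fields)
        records[(owner, rtype, rdata)] = int(ttl)
    return records, soa

def compare(active, edited):
    """List the record changes between the active and the edited dump."""
    (old, old_soa), (new, new_soa) = parse_dump(active), parse_dump(edited)
    changes = [Change("removed", *key) for key in sorted(old.keys() - new.keys())]
    changes += [Change("added", *key) for key in sorted(new.keys() - old.keys())]
    for key in sorted(old.keys() & new.keys()):
        if old[key] != new[key]:
            changes.append(Change("ttl", key[0], key[1], f"{key[2]} {old[key]} -> {new[key]}"))
    # Plain integer comparison; RFC 1982 serial wraparound is not handled.
    if changes and old_soa and new_soa and new_soa[1] <= old_soa[1]:
        changes.append(Change("serial", new_soa[0], "SOA", f"{old_soa[1]} not increased"))
    return changes

if __name__ == "__main__":
    for change in compare(ACTIVE, EDITED):
        print(*change)
```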


