how to check if a slave zone is expired
Warren Kumari
warren at kumari.net
Sat Jun 4 18:13:13 UTC 2011
And I finally gotten enough cycles to write a script to do this and released it on Google Code ( https://code.google.com/p/dns-slave-expire-checker/ ). It is very simple, but if folk find it useful I can add additional functionality...
It is a simple Python program:
./dns_expire_checker.py -r -d /data/dns/zones/slaves/
NOTICE: example.com failed more then once to transfer (679683 > (86407 + 10)
ERROR: example.net has expired! (679683 > (604800 + 10))
NOTICE: example.org failed more then once to transfer (679683 > (86407 + 10)
--------------------------------------------------------------------------------
0 Errors:
1 Expire: example.net
2 Retry: example.com, example.org
0 Refresh:
0 Healthy:
--------------------------------------------------------------------------------
Anyway, share and enjoy.
W
On May 6, 2011, at 11:16 AM, John Wobus wrote:
> I try to catch zones that are not updating on the slaves
> to which I have access. I compare the modtime of the zone
> file with the current time and the refresh interval
> for the zone. Typically I allow a failure or two
> before alerting, e.g. wait 1 refresh + 2 retry intervals.
> If the expire interval is very short, this could
> be too late.
>
> Depending upon the expire interval and refresh interval,
> the window in which you can be alerted and troubleshoot
> a problem might be short. If you're slaving zones
> for another site, you might not have control of that.
>
> If you find out refreshes aren't happening long before
> the expiration, and if the zone is pretty static (e.g. a single
> www.example.com address), you don't have to jump very fast to
> address things if the expire interval is weeks. If folks are
> depending upon records that are dynamic, you want to respond
> pretty quickly.
>
> John Wobus
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list