Checking for zone expiration?

Jan-Piet Mens jpmens.dns at gmail.com
Tue May 22 09:09:43 UTC 2012


Warren,

> I wrote a tool to do this a while back --
> http://code.google.com/p/dns-slave-expire-checker/

Cool stuff and very useful. I took it for a tiny spin, and here are my
EUR 0.02 :)

1. Doesn't seem to grok all RRtypes in  slave zones, due probably to
   missing functionality of dnspython; the following diagnostic on a
   zone containing a KEY RR:

   Unable to parse /var/named/jpmens.org: /var/named/jpmens.org:107:
   generic rdata does not start with \#

2. The program should perhaps ignore non-zone files (e.g. *.key, *.jnl,
   *.jbk), although that can be influenced with `-f'... 
   
   In particular, directories ought to either be skipped or descended
   into.

3. Parsing of large zone files takes quite a while... (dnspython)

4. I spent a bit of time debugging becausse a slave zone wouldn't parse:
   dnspython raised a dns.zone.NoSOA exception. Only *after* debugging,
   did I read the FM to discover that zone file-names are origin names;
   maybe add this a bit more prominently to the top of the fine manual?  :)

Regards,

        -JP



More information about the bind-users mailing list