updating & checking DNS zone files

[jeroen at unfix.org (Jeroen Massar)]

Jay R. Ashworth wrote:
> On Sat, Jul 05, 2008 at 04:07:28PM -0500, travis+ml-nanog at subspacefield.org wrote:
>> Apart from using Bernstein's tinydns, anyone have any scripts
>> for looking for problems in zone files or for incrementing the
>> serial number reliably?
> 
> Well, all my networks are tiny, and I've only recently started having
> to stir DNS zones again, but named-checkconf seems to give good hints.
> 
> There are also some public-facing things at domtools.com, and of course
> dnsreport.com... but I see DNSreport went for-pay.

http://www.ZoneCheck.fr

Of course not one is the full-check, thus you'll have to combine a 
couple of them or write your own check.

I (well the script ;) also check the delegations from the root down and 
verify that all the nameservers in that tree think that they are the 
same SOA-wise and delegation-wise. You'll be astonished how often things 
break up in the tree that can cause rather odd and not easily found 
failures otherwise.

Greets,
  Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20080706/76944d6a/attachment.bin>