checking dns records from named.conf

Leif Neland leifn at neland.dk
Tue Jul 22 07:53:43 PDT 2003


----- Original Message ----- 
From: "Adam Maloney" <adamm at sihope.com>
To: "Ted Cabeen" <secabeen at pobox.com>
Cc: <freebsd-isp at freebsd.org>; "Evren Yurtesen" <yurtesen at ispro.net.tr>
Sent: Monday, July 21, 2003 8:27 PM
Subject: Re: checking dns records from named.conf


> I suppose you could "dig @yourresolver domain.org ns" - and let your
> resolver do the recursion.  That seems to give me the correct output for a
> random .org...
>

It won't work if you use yourresolver, if it points to yournameserver,
because you will only be checking against yourself.

It's better to use a foreign nameserver, for instance your uplink/isp, or a
friendly nameserver somewhere else.

I use a Perl script with Big Brother, giving yellow alert when my nameserver
disagrees with a foreign nameserver, and I know something is being
redelegated. I have a # comment with the date in resolv.conf. Then when the
change is finished, I change the # to a // comment.
I get a red alert when my nameserver(s) disagrees with the foreign
nameserver, and I haven't a # comment, i.e. the change is not supposed to
happen.
Btw, I _never_ delete a domain from resolv.conf, I just comment it out, with
a date and reason, to keep the history somewhere.

Another BigBrother script checks if the domains in sendmail.cw also have the
mailserver as lowest MX.

Leif
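
The yellow/red check described in the message above, as an added example in Python (not the poster's Perl script, which is not shown). It assumes the dated comment sits on the line directly above each zone statement in a named.conf-style file, the file named in the thread's subject; the function names, zone names and sample configuration are hypothetical and constructed.

```python
import re
import subprocess

# Constructed sample. Comment convention as described in the post:
# '#' + date = redelegation in progress, '//' + date = change finished.
SAMPLE_CONF = '''\
# 2003-07-21 moving to new provider
zone "moving.example" { type master; file "moving.example.db"; };
// 2003-06-02 redelegation finished
zone "stable.example" { type master; file "stable.example.db"; };
// 2003-05-11 customer left
// zone "gone.example" { type master; file "gone.example.db"; };
'''

ZONE_RE = re.compile(r'^\s*zone\s+"([^"]+)"')

def parse_zones(conf_text):
    """Return {zone: pending}; pending is True when the line directly above
    the zone statement is a '#' comment. Commented-out zones are skipped."""
    zones, prev = {}, ""
    for line in conf_text.splitlines():
        m = ZONE_RE.match(line)
        if m:
            zones[m.group(1).lower()] = prev.lstrip().startswith("#")
        prev = line
    return zones

def normalise(names):
    """Compare NS names case-insensitively and without the trailing dot."""
    return {n.strip().rstrip(".").lower() for n in names if n.strip()}

def query_ns(server, zone):
    """Ask one server for the zone's NS set (needs dig and network access)."""
    out = subprocess.run(["dig", "+short", "@" + server, zone, "NS"],
                         capture_output=True, text=True, timeout=15, check=True)
    return normalise(out.stdout.splitlines())

def classify(local_ns, foreign_ns, pending):
    """green when both servers return the same non-empty NS set; otherwise
    yellow if a change is marked as pending, red if it is not."""
    local_ns, foreign_ns = normalise(local_ns), normalise(foreign_ns)
    if foreign_ns and local_ns == foreign_ns:
        return "green"
    return "yellow" if pending else "red"

def report(conf_text, local, foreign, lookup=query_ns):
    """Status per active zone, comparing the local and the foreign server."""
    return {z: classify(lookup(local, z), lookup(foreign, z), p)
            for z, p in parse_zones(conf_text).items()}
```

Pass the address of your own nameserver as `local` and an outside resolver as `foreign`, so the comparison is not against yourself.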


