[dns-operations] online version checks
jgreco at ns.sol.net
Fri Dec 31 12:12:18 UTC 2010
> On Fri, Dec 31, 2010 at 08:11:29AM +0000, Florian Weimer wrote:
> > I find it hard to believe that someone who doesn't keep track of
> > installed software versions will spot the additional unexpected log
> > message, by the way.
> Indeed. From an operational standpoint, I would appreciate an SNMP trap or
> some other flag that says 'this piece of software thinks it should be
> updated' and another one 'this piece of software insists that it be
> That *would* stand out in many places.
Some of us already automate checking versions of DNS servers in our
network monitoring systems, but finding out when you really need to
upgrade vs a minor feature update is still a bit of an art form; as
Paul said, most DNS servers only get restarted very infrequently, and
I do not get paid to run around upgrading nameservers just because
someone added a new feature we don't use/need anyways.
My own experience is that the ClamAV (I think) model of e-mailing a
notice when important things need attention is useful, but that does
not always scale too well to a larger organization.
I'd *like* to be able to have better ways to monitor nameservers, but
some of what would be most useful really requires support in the code
itself, or from ISC.
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
More information about the dns-operations