[dns-operations] online version checks

sthaug at nethelp.no sthaug at nethelp.no
Fri Dec 31 12:47:32 UTC 2010


> Some of us already automate checking versions of DNS servers in our
> network monitoring systems, but finding out when you really need to
> upgrade vs a minor feature update is still a bit of an art form; as
> Paul said, most DNS servers only get restarted very infrequently, and
> I do not get paid to run around upgrading nameservers just because
> someone added a new feature we don't use/need anyways.

Some systems already perform "call home" version checks, e.g. Nominum
CNS:

Dec 17 11:27:34 slam CNS[86224]: info: newest version of cns is 3.1.0.3; this server is running 3.0.5.1

Obviously, such a log entry doesn't say anything about the importance
of upgrading this particular version.

> My own experience is that the ClamAV (I think) model of e-mailing a
> notice when important things need attention is useful, but that does
> not always scale too well to a larger organization.

I like both e-mail and SNMP traps to a management system - but this
should be configurable and default to off.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no



More information about the dns-operations mailing list