[dns-operations] DNS zone monitoring

Joe Greco jgreco at ns.sol.net
Mon Jun 14 02:56:29 UTC 2010

I was just in a discussion elsewhere that brought up an old topic:

How do people monitor for secondary servers that are having trouble
updating a zone from the master?

Obviously, we do all the normal sanity checks (SOAs match, etc) but
other than monitoring the log file and watching for errors such as

Jun 13 21:40:51 server named[13899]: transfer of 'foo.com/IN/all-in' from ip.ad.dr.ess#53: failed to connect: timed out

I'm not quite sure what other options there are, short of letting the
zone hit the expire and go all servfail.  I was kind of hoping to see 
something under rndc status, but "xfers deferred" doesn't seem to be
it.  A solution that didn't require privileged access to the server
would be cool.

