[dns-operations] DNS zone monitoring
Seth Mattinen
sethm at rollernet.us
Mon Jun 14 06:46:26 UTC 2010
On 6/13/10 9:29 PM, Joe Greco wrote:
>> On 2010-06-13, at 22:56, Joe Greco wrote:
>>
>>> I was just in a discussion elsewhere that brought up an old topic:
>>>
>>> How do people monitor for secondary servers that are having trouble
>>> updating a zone from the master?
>>
>> We direct an apex/IN/SOA query to all servers for each zone we are
>> checking, and if we see inconsistent serial numbers we sound alarms.
>
> Yes, but that's only useful if your SOA's are changing. For many zones,
> there's no need for the serials to change. Besides, I already indicated
> we did that. :-)
>
One thing I employ is a test zone (something.test) and set all the SOA
values way down, such as a 5 min expire. This way the slaves are
actively doing their master-slave thing constantly. If there's a problem
the slaves eventually expire the test zone and that sets off alarms.
~Seth
More information about the dns-operations
mailing list