[dns-operations] DNS delegation checker
Phil Regnauld
regnauld at nsrc.org
Fri May 25 11:27:26 UTC 2012
Bernhard Schmidt (berni) writes:
> Is there any script/framework out there already that tries to find
> that mess? I'm thinking about
You could script some of that with doc
http://www.shub-internet.org/brad/dns/
> * getting a list of zones from management system
> * check delegation from upstream server
> * get zone file from our slave zone repository, walk all
> delegations, check them on delegated server or in the zone
> repository
> * warn if delegations are missing or inconsistent
> * warn if delegations to non-existing/non-answering servers exist,
> or delegations to own servers but zone is not configured
> * DS vs. DNSKEY checks
Otherwise, I may have some scripts I've developed that you could use,
will check if I still have them...
Cheers,
Phil
More information about the dns-operations
mailing list