How to tell (in a script) if a zone failed to load?

Brad Knowles brad.knowles at skynet.be
Wed Jul 25 21:03:31 UTC 2001


At 5:53 PM +0000 7/25/01, phil-news-nospam at ipal.net wrote:

>  How can I tell, from the script that restarts bind, if a zone file
>  has failed to load?

	You don't.  You use the log data, or you use DNS debugging tools.

>                       It is not practical to actually do a test
>  query of every zone.

	This is your only choice, if you don't use the data in the log files.

>                        The syslog on the machine is huge, and while
>  grepping it might be feasible, knowing what patterns to look for is
>  the problem.

	This and using DNS debugging tools are the only choices you have.

>                                                     I'd like to
>  find a programmable way to determine if a zone has failed.

	Check the logfiles or use DNS debugging tools.

>  I can't use named-checkzone because it only does one zone at a time.

	What, you can't write a trivial shell-script wrapper around 
named-checkzone, based on the zone names in /etc/named.conf?

>  And named-checkconf doesn't actually follow the config file into all
>  the zones.  It would be useful (very useful) to have a program that
>  can do a _full_ integrity check starting at the config file and
>  going through everything involved, including all zone files that
>  are configured, and all other checks that would cause any kind of
>  failure in starting the server.

	I've been considering adding this kind of functionality to 
dnswalk, but you could do the same job a lot easier (if not quite as 
cleanly) by writing a trivial shell script wrapper to fire off 
named-checkzone for each zone listed in /etc/named.conf.


	Oh, and please don't use "NOSPAM" garbage in your return address. 
The newsgroup you posted this message to is gatewayed to a mailing 
list, and having this garbage in your address is anti-social and 
makes it more difficult for people to reply to you with the kind of 
information you've requested.

	Moreover, all address scanning tools I know of are intelligent 
enough to remove all "NOSPAM" type tags I've ever seen, so it doesn't 
do any good anyway.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
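
The wrapper around named-checkzone suggested in the reply above, sketched as an added example that is not part of the original message or of BIND. The function names and the `CHECKZONE` variable are hypothetical; it checks master zones only and assumes a plain named.conf (no `include` files, no `/* */` comments).

```shell
#!/bin/sh
# Added example, not from the original post.
CHECKZONE=${CHECKZONE:-named-checkzone}   # overridable so the checker can be stubbed

# Print "zone<TAB>file" for every master zone in the named.conf given as $1.
# Assumptions: no /* */ comments, no "include" files, and no '#' or '//'
# inside quoted strings.
list_master_zones() {
    awk '
    { sub(/\/\/.*/, ""); sub(/#.*/, ""); $0 = " " $0 }
    zone == "" && match($0, /[ \t;{]zone[ \t]+"[^"]+"/) {
        zone = substr($0, RSTART, RLENGTH)
        sub(/^.*zone[ \t]+"/, "", zone); sub(/"$/, "", zone)
        base = depth; opened = 0; master = 0; file = ""
    }
    {
        if (zone != "") {
            if ($0 ~ /type[ \t]+(master|primary)[ \t]*;/) master = 1
            if (match($0, /[ \t;{]file[ \t]+"[^"]+"/)) {
                file = substr($0, RSTART, RLENGTH)
                sub(/^.*file[ \t]+"/, "", file); sub(/"$/, "", file)
            }
        }
        line = $0
        gsub(/"[^"]*"/, "", line)            # braces inside strings do not count
        o = gsub(/[{]/, "", line); c = gsub(/[}]/, "", line)
        if (zone != "" && o > 0) opened = 1
        depth += o - c
        if (zone != "" && opened && depth <= base) {   # zone block closed
            if (master && file != "") printf "%s\t%s\n", zone, file
            zone = ""
        }
    }' "$1"
}

# Run the checker on every master zone of $1; relative file names are resolved
# against $2 (the "directory" option of named.conf). Prints the names of zones
# that fail and returns 1 if any did.
check_all_zones() {
    conf=$1; dir=${2:-.}; rc=0; tab=$(printf '\t')
    while IFS="$tab" read -r zone file; do
        [ -n "$zone" ] || continue
        if ! (cd "$dir" && $CHECKZONE "$zone" "$file") >/dev/null 2>&1; then
            echo "$zone"; rc=1
        fi
    done <<EOF
$(list_master_zones "$conf")
EOF
    return $rc
}
```

A restart script can call `check_all_zones /etc/named.conf <zone directory>` and refuse to restart named when it returns non-zero.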

