How do you guys keep your zones up to date?
Curt Sampson
cjs at cynic.net
Sat Oct 6 06:39:00 UTC 2007
On Fri, 28 Sep 2007, Tony Earnshaw wrote:
> Suppose it depends on how large your domain count is. Up to 30+ domains
> with slaves I've always used vi on the masters. No sweat, minimal time
> on Bind, maximal time on other things.
Same here, with perhaps a few neat tweaks:
1. I have a script that deals with the zone signing for my
DNSSEC zones, including decrypting the signing keys (which are
PGP-encrypted).
2. Everything is in subversion, of course.
3. I have a makefile that knows how to test my changes before I
commit them.
So the usual cycle is: change, sign, test, commit, move to production
server, update, test, reload.
cjs
--
Curt Sampson <cjs at cynic.net> +81 90 7737 2974
http://www.starling-software.com
The power of accurate observation is commonly called cynicism
by those who have not got it. --George Bernard Shaw
More information about the bind-users
mailing list