BIND problem
Barry Margolin
barmar at genuity.net
Mon Aug 6 19:55:04 UTC 2001
In article <9kffu8$402 at pub3.rc.vix.com>, <Mark.Andrews at nominum.com> wrote:
>> In the real world, most DNS administrators don't even check the log for
>> error messages, let alone do a dig to see if the results look like what
>> they typed. If we didn't check things on our secondary servers, most of
>> our customers would never know when they messed up their primaries. And
>> our customers are primarily Fortune 1000, universities, and government
>> agencies.
>
> I just used "find /var/named/cache -type f -mtime +3" to catch this
> sort of error. Very few refresh timers are > 1 day and this allows
> a error on Friday to be found Monday and be fixed without hitting
> the radar on the secondary.
I used to do something like that, but used "-mtime +0". Now I read the
Refresh and Retry values out of the zone file, and report on any zone files
that are more than max(6 hours, Refresh+2*Retry) out of date. I run this
script from cron several times a day.
This is what I meant by "If we didn't check things on our secondary
servers". The customers are obviously oblivious to the errors at their end
until we notify them because of our monitoring.
--
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list