2011/5/5 Doug Barton <do...@dougbarton.us>: > On 05/04/2011 01:22, hugo hugoo wrote: >> >> So..no way to check that a zone is expired? > > You're asking the wrong question. The correct question is, "How can I make > sure that a zone is up to date on all of the slaves?" You do that by > querying the SOA record for the zone on each slave and compare the serial > number to the master. >
And I do have a script for that, can be used as a nagios plugin below. #!/usr/bin/perl use strict; use Net::DNS; use Getopt::Std; my %opts; getopts('hm:s:z:', \%opts); if ($opts{'h'}) { usage(); } my $master = $opts{'m'} || usage(); my $slave = $opts{'s'} || usage(); my $zone = $opts{'z'} || usage(); my $s1 = qrsoa($master,$zone); my $s2 = qrsoa($slave,$zone); if ($s1 != -1 && $s1 == $s2) { print "OK\n"; exit 0; } else { print "CRITICAL: zone $zone sync error\n"; exit 2; } sub qrsoa { my $host = shift; my $zone = shift; my $res = Net::DNS::Resolver->new(nameservers => [$host]); my $query = $res->query($zone, "SOA"); return $query ? ($query->answer)[0]->serial : -1; } sub usage { print <<EOF; Usage: $0 -m 8.8.8.8 -s 8.8.4.4 -z example.com -m master DNS ip or name -s slave DNS ip or name -z zone name -h show this help page EOF exit 0; } -- Jeff Pang www.DNSbed.com _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users