Hi maybe named-checkzone can help you, with -i full, it makes some NS checks :
>> Mode "full" checks that delegation NS records refer to A or AAAA >> record (both in-zone and out-of-zone hostnames). It also checks that glue >> address >> records in the zone match those advertised by the child. Mode >> "local" only checks NS records which refer to in-zone hostnames or that some >> required glue >> exists, that is when the nameserver is in a child zone. Philippe > -----Original Message----- > From: bind-users-bounces+philippe.simonet=swisscom....@lists.isc.org > [mailto:bind-users-bounces+philippe.simonet=swisscom....@lists.isc.org] > On Behalf Of Ben C. > Sent: Monday, September 19, 2011 7:46 AM > To: bind-users@lists.isc.org > Subject: Zone name conflicts / overlapping > > Hello all, > > This is my first post to bind-users, so I would like to first of all > say hello, and thanks to everyone who takes their time to read and > respond to any mailing list post. =) > > I have a fairly complex situation where I have a pDNS server and a ISC > BIND server, both containing unique zones. I'm trying to make them > "sync" to each other so that the end result is they both contain the > same list of zones, and update the opposite's zone files regularly. I > am doing my best in designing it so that it *shouldn't* have the > possibility of a zone conflict, where server A says something about > zone "foo.com", and server B contains it's own unique record, so when > they sync, .. well ... > > I noticed with BIND, what I expected happens if the situation occurs: > > zone "foo.com" { > type master; > file "/path/to/some.file"; > }; > > // .. some stuff > zone "foo.com" { > type master; > file "/path/to/some.other.file"; > // ^^ They can be the same file, too .. > }; > > -- BIND simply refuses to start, which is great because it allows me > to /see/ the error a little easier. > > However, the situation got interesting when the following occurs: > > zone "ns1.foo.com" { > type master; > file "/path/to/ns1.foo.com"; > }; > > zone "foo.com" { > type master; > file "/path/to/foo.com"; > }; > > Where ns1.foo.com's zone file would obviously contain an A record for > itself (ns1.foo.com.) and then foo.com's zone file contains an A > record for the same zone / hostname, ns1.foo.com. > > It appears to me, BIND sees the conflict / overlap but does not care > about the order they are in, nor cares to exit (or even tell anybody > about it), but simply use the more "specific" zone file which would be > "ns1.foo.com". I'm pretty sure this is intended behavior. Although > for my specific and very individual circumstance, this is not ideal > for me, but I'm by no means saying this is a bug, or "bad" behavior. > > I'm simply trying to figure out (1) if this is indeed the correct > assumption, that BIND will always use the more "specific" zone, ... > (2) if there are ways to modify the behavior (short of editing the way > BIND, or even DNS works) ... (3) if there is a way to at least > identify this kind of behavior in logs (error/warning message? maybe > I'm missing it..) .. (4) a link or referral to any kind of relevant > information would be useful -- documentation, mailing lists, anything > -- I did a _lot_ of googling and even peeked around on IRC asking > around, but either I'm not asking the question correctly, or it's not > a very common thing :) > > Thanks for your time, > Ben > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
