On Wed, 8 Jul 2009 14:23:36 -0400, "Todd Snyder" wrote:
> Good day all,
>
> I am looking at making some sweeping changes to some zone files,
> cleaning up NS records primarily. As I'm pondering the impact of this,
> I got to thinking about how to validate every single record in my
> namespace, and therefore the entirety of my change.
>
> What I'm thinking of is a script that will go through each zone file and
> do a dig against a server (localhost, or otherwise) for each record,
> verifying that every record resolves correctly.
>
> Has anyone written such a beast or know of a tool like this? Am I being
> obtuse in thinking that this would be useful to me to verify my changes?
>
> Cheers,
>
> Todd.
>
> ___
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

I was forced into writing some stuff like this as I inherited a severely
neglected DNS environment. Instead of having to write the logic capable of
parsing a zone file, I found it easier to parse host -l output. This allows
for not needing to take account of all the allowed shorthand within the
zone files that BIND understands. I suppose it even makes the scripts
non-BIND-dependent. I choose to examine things such as A records with multiple
entries (possible round robin or possible that someone didn't remove an old
record before adding new), if PTR records exist for A records, if PTR
records match the corresponding A records, for duplicate PTR records & if
two different A records contain the same IP data (possible old IP that was
reassigned to new machine while old DNS data was never removed or possibly
one machine known by many names).

I am sure there is some paid software out there that performs similar
functionality. I tested the Men & Mice suite, which performed a lot of very
similar functionality as my own scripts did. I wouldn't be surprised if
there were some open source projects as well.

Thanks,
David
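
The checks listed in the reply above, sketched over saved `host -l` output. This is an added example, not code from either poster; the zone data, the regular expressions and the names `audit` and `norm` are constructed for illustration, and it assumes IPv4 records and a server that permits the zone transfer `host -l` needs.

```python
import re
from collections import defaultdict

# Constructed sample of `host -l` output for a forward and a reverse zone
# (names and addresses are illustrative, taken from documentation ranges).
FORWARD = """\
www.example.com has address 192.0.2.10
www.example.com has address 192.0.2.11
mail.example.com has address 192.0.2.20
old.example.com has address 192.0.2.20
db.example.com has address 192.0.2.30
app.example.com has address 192.0.2.40
"""
REVERSE = """\
10.2.0.192.in-addr.arpa domain name pointer www.example.com.
20.2.0.192.in-addr.arpa domain name pointer mail.example.com.
30.2.0.192.in-addr.arpa domain name pointer database.example.com.
30.2.0.192.in-addr.arpa domain name pointer db-old.example.com.
"""

A_RE = re.compile(r"^(\S+) has address (\d+\.\d+\.\d+\.\d+)$")
PTR_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)\.in-addr\.arpa\.? domain name pointer (\S+)$")

def norm(name):
    return name.rstrip(".").lower()  # compare names without trailing dot or case

def audit(forward, reverse):
    a_by_name, names_by_ip, ptr_by_ip = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in forward.splitlines():
        m = A_RE.match(line.strip())
        if m:
            a_by_name[norm(m[1])].add(m[2])
            names_by_ip[m[2]].add(norm(m[1]))
    for line in reverse.splitlines():
        m = PTR_RE.match(line.strip())
        if m:  # octets are reversed in the in-addr.arpa owner name
            ptr_by_ip[".".join(m.group(4, 3, 2, 1))].add(norm(m[5]))
    return {
        "multi_a": sorted(n for n, ips in a_by_name.items() if len(ips) > 1),
        "shared_ip": sorted(ip for ip, ns in names_by_ip.items() if len(ns) > 1),
        "missing_ptr": sorted(ip for ip in names_by_ip if ip not in ptr_by_ip),
        "ptr_mismatch": sorted(ip for ip in names_by_ip
                               if ip in ptr_by_ip and not ptr_by_ip[ip] & names_by_ip[ip]),
        "dup_ptr": sorted(ip for ip, ns in ptr_by_ip.items() if len(ns) > 1),
    }

if __name__ == "__main__":
    for check, hits in audit(FORWARD, REVERSE).items():
        print(f"{check}: {hits}")
```

Each finding is a candidate for review rather than an error: a name with several A records may be intentional round robin, and an address shared by several names may be one machine known by many names.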