nanog mailing list archives
RE: Looking for advice - Auditing zones on a set of name servers
From: Jonathon Exley <Jonathon.Exley () kordia co nz>
Date: Thu, 22 Mar 2012 20:57:43 +0000
You could try ValiDNS (http://www.validns.net) which I am told does this sort of thing. Jonathon
-----Original Message----- From: Landon Stewart [mailto:lstewart () superb net] Sent: Wednesday, 21 March 2012 9:54 a.m. To: NANOG list Subject: Looking for advice - Auditing zones on a set of name servers Hi Everyone, I'm looking for some advice here. I'm attempting to clean up a set of name servers and have a list of domain names that should not actually be hosted on those name servers. In some cases there are issues where there are actually no NS records in a domain but it should be hosted on those name servers. In some cases the name servers just aren't authoritative and the domain should be removed. The name servers are all djbdns, not that it matters a whole lot. I'm wondering if anyone knows of some tools that I can use other than homegrown ones that are a little more robust in terms of thinking of every little possible issue for or against a domain than I can think of. Of a list of domains that I marked for deletion some of them simply had little problems but should not be deleted (rather just have their NS records fixed). I also don't' want to pound on someone else's recursive name servers or even the root name servers trying to audit ours since that's not very nice. If anything I guess I could spread out the queries if I had the right tools. I wrote a quick script that looks up the NS records for a zone, then the A records for those NS records and checks the resulting IP addresses against a list of IP addresses that are our name servers. It's not quite doing all I need it to do since sometimes we are authoritative but there are no NS records or they are wrong. I'm also not sure beating on google's name servers is a good idea either so you should fill in your OWN recursive name servers instead f 8.8.8.8 and 8.8.4.4. Thanks for reading! :-D
This email and attachments: are confidential; may be protected by privilege and copyright; if received in error may not be used, copied, or kept; are not guaranteed to be virus-free; may not express the views of Kordia(R); do not designate an information system; and do not give rise to any liability for Kordia(R).
Current thread:
- Looking for advice - Auditing zones on a set of name servers Landon Stewart (Mar 20)
- Re: Looking for advice - Auditing zones on a set of name servers Christopher Morrow (Mar 20)
- Re: Looking for advice - Auditing zones on a set of name servers Landon Stewart (Mar 22)
- RE: Looking for advice - Auditing zones on a set of name servers Jonathon Exley (Mar 22)
- Re: Looking for advice - Auditing zones on a set of name servers Christopher Morrow (Mar 20)