This shows you the differences between two versions of the page.
— |
soft:checkzone [2019/07/14 23:20] (current) phil created |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== checkzone - A python script checking secondary dns servers ====== | ||
+ | You should check your secondary dns servers receive and update zones properly. | ||
+ | |||
+ | Here is a small script I wrote which simply request all the NS servers from a given domain and check their serial is equal. The script behave like a nagios compatible check, so you can easily plug into your monitoring systems. | ||
+ | |||
+ | < | ||
+ | apt-get install python3-dnspython | ||
+ | </ | ||
+ | |||
+ | <file / | ||
+ | # | ||
+ | |||
+ | import argparse | ||
+ | import sys | ||
+ | import dns.resolver | ||
+ | |||
+ | |||
+ | def get_serials(domain): | ||
+ | resolver = dns.resolver.Resolver() | ||
+ | for ns in resolver.query(domain, | ||
+ | for ip in resolver.query(ns.to_text(), | ||
+ | r = dns.resolver.Resolver(configure=False) | ||
+ | r.nameservers = [ip.to_text()] | ||
+ | for resp in r.query(domain, | ||
+ | yield ns.to_text(), | ||
+ | |||
+ | |||
+ | def check_zone(domain): | ||
+ | serials = list(get_serials(domain)) | ||
+ | if len(set([s for _, _, s in serials])) == 1: | ||
+ | print(' | ||
+ | domain, serials[0][2], | ||
+ | ', ' | ||
+ | return 0 | ||
+ | else: | ||
+ | print(' | ||
+ | domain, ', ' | ||
+ | for ns, ip, s in serials]))) | ||
+ | return 2 | ||
+ | |||
+ | |||
+ | if __name__ == ' | ||
+ | parser = argparse.ArgumentParser(sys.argv[0]) | ||
+ | parser.add_argument(' | ||
+ | args = parser.parse_args() | ||
+ | sys.exit(check_zone(args.domain)) | ||
+ | </ | ||
+ | |||
+ | Example output: | ||
+ | |||
+ | < | ||
+ | $ / | ||
+ | ZONE fr. OK - serial is 2225177270 for d.nic.fr. (194.0.9.1), | ||
+ | |||
+ | $ / | ||
+ | ZONE org. CRITICAL - serial differ 2013547598 for d0.org.afilias-nst.org. (199.19.57.1), | ||
+ | $ | ||
+ | / | ||
+ | ZONE philpep.org. OK - serial is 2019061607 for cauchy.philpep.org. (5.39.85.37), | ||
+ | </ | ||
+ | |||
+ | As you can see, the script may flap for zones updating very frequently (top level zones), but for your zone it should just work. |