[Opendnssec-user] Replacement for auditor in 1.4.0

Miek Gieben miek at miek.nl
Thu Mar 8 10:28:59 UTC 2012


[ Quoting <einar at isnic.is> at 10:25 on Mar  8 in "[Opendnssec-user] Re..." ]
> Hi,
> 
> After getting hit by https://issues.opendnssec.org/browse/OPENDNSSEC-216 we
> upgraded ods to SVN r6202. For us that means no more auditor. We're looking at
> alternatives, like validns, but we're unsure of how to integrate active
> monitoring into our setup. The zone file is updated every 20 minutes and then
> we call ods-signer to sign it. What we need is a way to run our monitor scripts
> after the zone has been signed but before it's pushed out to the nameservers.
> 
> How have you guys implemented active monitoring into your setup? Are there
> hooks in ods already to do this?

we (mis)use the <NotifyCommand> for that. All our checks are put in the
script that is called and it also copies the zone to were BIND can find
it. If the notify script fails, the new zone isn't loaded and someone needs
to check why that has happened.

 Regards,

-- 
    Miek Gieben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20120308/647022e0/attachment.bin>


More information about the Opendnssec-user mailing list