How to Check my Nameservers Unix Style
Table of Contents
Goal
- check downstream nameservers (zonetransfer/notify has taken place?)
- are these in sync with the main nameserver (“primary nameserver”, “master”)?
Methodology
- resolve multiple hosts (FQDNs) on the main nameserver and the secondary nameservers
- here: a fixed list and a list with randomly chosen IN-A records from the zone file
Further thoughts
The whole thing is implemented in such a way that it can run on the usual POSIX-like systems. Another possibility is to add records with random strings to the nameserver (that don’t exist yet) and see if a notify is triggered.
Of course this could be solved in go, Rust, Perl, Python, Ruby or whatever, but my point is to show how this can be solved in the “old Unix style”.
Put that into your crontab.
Code
#!/bin/sh
# yes, sh
# we're trying to be as much compatible as possible,
# trying to achieve POSIX/SUS compliance
# our main tool here:
query_cmd=host
status=0
# always lookup these hosts:
querylist_mandatory="peter.example.local jackson.example.local"
# name servers:
hostlist="10.32.1.5 10.32.254.250"
# zone-inputfile:
zonefile="/usr/local/etc/namedb/working/input/example.com.zone.input"
zonefile_qty=3
status_text=""
# make zonefile_domain empty by default:
zonefile_domain=""
# do we have a zonefile at all?
if [ ! -f $zonefile ]; then
status=1
status_text="$status_text\nNo zonefile! Going on with local list..."
querylist_zonefile=""
else
# read zonefile, get all IN A hostnames, sort randomly and uniquely, display only n entries:
querylist_zonefile=`<$zonefile grep "^[^@].*[ \t]*IN[ \t]*A" | sed -E 's/^([a-zA-Z0-9-]*)[ \t].*/\1/g' | sort -Ru | head -n $zonefile_qty`
# attention, here we're pulling its domain name from the zone input file
# looking for ANY line with a ";ORIGIN" ANYWHERE on it:
zonefile_domain=`<$zonefile grep ";ORIGIN " | sed -E 's/;ORIGIN[ \t]*([a-zA-Z0-9.]*)\.$/\1/g'`
fi
# let's use FQDNs if possible:
qlzf=""
if [ "$zonefile_domain" != "" ]; then
for z in $querylist_zonefile; do
qlzf="$qlzf $z.$zonefile_domain"
done
fi
# sort our new list again:
querylist=`echo $qlzf $querylist_mandatory | sed 's/ /\n/g' | sort --ignore-case`
status_text="$status_text\n$querylist"
# looking up all that we've just prepared:
for q in $querylist; do
for h in $hostlist; do
cmd="$query_cmd $q $h"
# status_text="$status_text\n$cmd"
r=`$cmd`
if [ $? -ne 0 ]; then
status=2
status_text="$status_text\n$cmd : $r"
fi
done
done
if [ $status -eq 0 ]; then
# depending on how you notify via cron:
# echo Successful.
else
# again, depending how you're handling that, there are so many ways,
# you could also mail from cron with a dedicated subject line etc,
# here we're writing to stderr...
echo "$zonefile_domain NS: FAILED! Status: $status" >&2
echo $status_text | sed 's/\\n/\n/g' >&2
echo >&2
fi
# ... and we're always returning with some exit code
# anything than zero will indicate an error:
exit $status
