On 8 Mar 2012, at 10:25, Einar Bjarni Halldórsson wrote: > Hi, > > After getting hit by https://issues.opendnssec.org/browse/OPENDNSSEC-216 we > upgraded ods to SVN r6202. For us that means no more auditor. We're looking > at alternatives, like validns, but we're unsure of how to integrate active > monitoring into our setup. The zone file is updated every 20 minutes and then > we call ods-signer to sign it. What we need is a way to run our monitor > scripts after the zone has been signed but before it's pushed out to the > nameservers. > > How have you guys implemented active monitoring into your setup? Are there > hooks in ods already to do this?
We haven't implemented anything, but the way I would do it would be: * Have the signer put the files into an intermediate directory e.g. /unchecked * Get ODS to call a perl script using the NotifyCommand in conf.xml * In the perl script call validns and parse the reply. * If validns completes successfully copy the file into the live directory and call rndc. * If it fails send an e-mail. (Probably not very helpful, but it's what I would do) Thanks Scott
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
