The maintainers of the NiX Spam DNS Black-List have thankfully followed up on our suggestion to add a freshness time stamp to the black- list, allowing slave zone operators to verify zone transfers are occurring in a timely fashion. (The zone's SOA serial number has no relashionship to time -- the zone is updated up to 100 times per second, and the serial number is just a number.) The timestamp is in ISO 8601 format and it is located at the zone apex:

dig ix.dnsbl.manitu.net txt
    
    ;; ANSWER SECTION:
    ix.dnsbl.manitu.net.  60  IN TXT  "heartbeat=2010-10-26T07:51:01+02:00"

If you are a slave zone operator, you may be interested in using check_nix -- a Nagios/Icinga plugin which verifies said freshness. (Read the man page.)

DNSBL last updated on slave [127.0.0.1] 0 days, 00:00:33 ago

(Information in German.) Thanks, Marcel & team!

Flattr this
Nagios, DNS, CLI, and DNSBL :: 26 Oct 2010 :: e-mail

Comments

blog comments powered by Disqus