> On May 4, 2021, at 7:59 AM, Klaus Darilion <[email protected]>
> wrote:
>
> In my setup I receive zones from various hidden primaries to my "incoming"
> nameserver. Before my "distribution" nameserver fetches the zone from the
> "incoming" nameserver (and hence sends NOTIFYs to the public secondaries) I I
> want to perform various checks on the zone loaded on the incoming nameserver.
>
> Currently I use a freaky Bind9 setup with several perl scripts. Do you know
> if there exists any software tool that were written for such setups? For
> example a Secondary which fetches a zone not automatically but only on
> request? Or a nameserver which fetches a zone but only "loads" it if an
> external tool validates the zone?
With a focus on mostly DNSSEC, but also some general DNS, you can use DNSViz
for pre-deployment testing, as shown here:
https://github.com/dnsviz/dnsviz#pre-deployment-dns-testing
It is not automated, so you would have to build in scripts around it.
Casey
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
