notes on updating DNS info with bind DNS
Posted by jpluimers on 2023/12/01
Steps:
- Edit the DNS zone file in
/var/lib/named/master - Make sure you updated the SOA serial number
rcnamed restart- Watch
/var/lib/named/log/generalfor errors (you can even increase logging, for instance by reading [Wayback/Archive] this serverfault entry and editing/etc/named.d/logging) and – on my system – these other logs for the actual zone transfers:/var/lib/named/log/in-xfer.logfor incoming zone transfers on the secondary server/var/lib/named/log/notify.logfor notifications of zone transfers on the primary and secondary servers/var/lib/named/log/out-xfer.logfor outgoing zone transfers on the primary server
- Check on [Wayback/Archive] mxtoolbox.com/SuperTool.aspx?action=dns:example.org&run=toolpage# to see if the SOA serials have been replicated (one day I will write a bookmarklet for this)
Alternatives for the last step are sites like these:
- [Wayback/Archive] www.webdnstools.com/dnstools/domain_check (for example [Wayback/Archive] www.webdnstools.com/dnstools/check-domain-results?domain=example.org&button=Test)
- [Wayback/Archive] www.intodns.com (for example [Wayback/Archive] intodns.com/example.org)
I got the above mxtoolbox Supertool links via [Wayback/Archive] Contoso.one: Setting up email for Brand Protection domains (which I found via [Archive] mxtoolbox supertool “parameter” get – Google Search) who described how he scripted them and also included a subset of the below prefixes.
So for instance, in stead of DNS, you can check for MX using [Wayback/Archive] mxtoolbox.com/SuperTool.aspx?action=mx:example.org&run=toolpage#
All mxtoolbox Supertool prefixes are in the table at [Wayback/Archive] Network Tools: DNS,IP,Email:
Command Explanation blacklist:Check IP or host for reputation smtp:Test mail server SMTP (port 25) mx:DNS MX records for domain a:DNS A record IP address for host name spf:Check SPF records on a domain txt:Check TXT records on a domain ptr:DNS PTR record for host name cname:DNS canonical host name to IP address whois:Get domain registration information arin:Get IP address block information soa:Get Start of Authority record for a domain tcp:Verify an IP Address allows tcp connections http:Verify a URL allows http connections https:Verify a URL allows secure http connections ping:Perform a standard ICMP ping trace:Perform a standard ICMP trace route dns:Check your DNS Servers for possible problems
Related blog posts:
- Cryptosense Discovery
- Some sites than can help you check if your (maybe dynamic) IP has been black-listed
- Uptime Robot on Twitter: “Sorry all that the API and status pages fluctuated since the last 18 hours. The issue is completely fixed and it is all back to normal now.”
- intoDNS: checks DNS and mail servers health
- “same glue” dns: glue records
- Find the TTL for a domain and subdomain by getting to the authoritative nameserver first
- Fake Internet Connectivity for your Lab (Tricking NCSI) – via: Canberra Premier Field Engineering
–jeroen
The Wiert Corner - irregular stream of stuff 
Leave a comment