On Wed, 18 Sep 2002, Kim Davies wrote:

> Further to my earlier emails today, here is a perl script I just
> cooked up to tell you when it is broken. Just supply the domain(s) as
> arguments.. any noteworthy errors will go to STDERR. Change $msnymask to
> a regexp that matches your nameservers that it _should_ be delegated to.
> 
> note: script below wont work on broken auth ns implementations, but
> this is not a problem with .au :-)

Thanks Kim.  I was considering a script like this and found this work
slotted in nicely.

For better or worse, the result is attached.  As always: no warranties
(not even that it might be fit to check com.au delegations ;-).

Significant differences from Kim's original:

* lookup of com.au nameservers and selection of the first for the run.
* reads list of domains to check from STDIN
* doesn't care if NS records are returned in the answer or authority
section of the response.
* outputs to STDOUT, not STDERR

TODO:

* cleaning up and stripping out of cruft
* acount for the situation where we are listed as NS *and* somewhere else
is listed too (this shouldn't generate a complaint).
* generalise to cover other TLDs (e.g. net.au, org.au etc)
* accompanying filter to directly digest BIND config file

FWIW, I still think that this approach should be to deal with the ones
that "slipped the net". I.e. when delegations change the address in the
old SOA record should be notified.

HTH,
Neale.