[BALUG-Admin] balug.org(/sf-lug.{org, com}) host OOM oops Re: (forw) linuxmafia.com 2017-09-30 11:02 System Events

[Rick Moen]

Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):

> "She's dead, Jim." - Rick Moen (Thanks Rick!) noticed some issues,
> checked a bit and ... named was no longer running!  8-O

I figure it's always nice if your secondary DNS person is your wingman.
;->

My secret weapon:  A well-tuned instance of logcheck.  The trick to
running logcheck is to spend some time iteratively 'tuning' its
/etc/logcheck/ignore.d.server/local.rules file, to make it cease
reporting routine system events of no interest being reported in the
system logs.  Eventually, you get to the point where logcheck sends you
e-mail only when something _interesting_ and potentially significant
happens -- like when your nameserver ceases to be able to pull down zone
transfers from a remote master nameserver.

And that is also why I collect means of out-of-band contact for all the
people I do DNS for, or who DNS for me, and include those as comment
lines where appropriate in /etc/bind/named.conf.local.  

(I include that file for public download as a teaching example in 
http://linuxmafia.com/pub/linux/network/bind9-examples-linuxmafia.tar.gz , 
except with telephone numbers redacted.)


Incidentally, you and I should both transition from BIND9 to a better
authoritative-only nameserver (such as NSD) and from Apache http to a
lighter and more secure httpd (such as Lighty or nginx).