Theodore Baschak

Routing Guru. IPv6 Advocate. Operator of Hextet Systems (AS395089).


Sat, 14 Jun 2014 14:42:09 -0500 » Networking, Nerd Projects, Network Monitoring, CLI, IPv6, Programming, System Administration » Estimated read time: 1 min

check-soa is a CLI tool written in go which lets a DNS name server administrator easily verify that all servers listed as authoritative are in sync and serving the same zone by verifying the SOA record. I use this tool nearly every day at work to verify that changes have propagated to all slave nameservers.

As you can see, it supports ipv4/ipv6:

$ check-soa -i
	2604:4280:d000:11::6: OK: 2014061301 (0 ms) OK: 2014061301 (0 ms) OK: 2014061301 (44 ms) OK: 2014061301 (1 ms)
$ check-soa -i OK: 2014061401 (0 ms)
	2604:4280:d000:11::6: OK: 2014061401 (0 ms) OK: 2014061401 (43 ms) OK: 2014061401 (0 ms)

The project is hosted at

I’ve found that it doesn’t build with the bundled version of golang in Debian wheezy, I had to install the latest stable binary package to resolve hash/tsig related errors.