Friday, July 30, 2010

A good slave DNS

To minimize the work of maintaining a slave DNS, people use rsync and/or SSH-key-based scripts, ISPConfig, or Webmin to generate new slave zones. Those ideas are fundamentally good, but they all involve another service, which I am generally against for two reasons.
  1. additional work of installing and configuring the other software
  2. security can be affected by the other software (e.g. SSH key handling)
Also, what if this slave has multiple masters? Maybe one of them is a Windows Server. You may say: blame yourself if you use a Windows DNS. A generally good slave DNS needs to be able to do two things.
  1. self-generate the slave zone config for BIND named.conf from multiple masters
  2. be aware by itself that a zone has been removed from the master, and remove it after N quarantine days
The following picture is my general thought on how to achieve this. No third-party software required. Only some ninja scripting skills.
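The two requirements listed above, sketched as an added example (not the author's script and not the picture the post refers to). It assumes the zone list of each master is already available as plain names, since the post does not say how it is fetched; the function names, the `slaves/` file path and the state layout are hypothetical.

```python
import re
from datetime import date

# A plain DNS name: dot-separated labels of letters, digits, "_" and "-".
LABEL = r"[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?"
ZONE_RE = re.compile(rf"^(?=.{{1,253}}$)({LABEL}\.)*{LABEL}$")

def reconcile(master_zones, state, today, quarantine_days):
    """master_zones: {master_ip: [zone, ...]} (master IPs are local config).
    state: {zone: {"masters": [...], "missing_since": date or None}}.
    Returns (new_state, removed_zones)."""
    seen = {}
    for ip, zones in sorted(master_zones.items()):
        for z in zones:
            z = z.lower().rstrip(".")
            # Names come from a remote host and end up inside named.conf:
            # drop anything with quotes, braces, slashes or other syntax.
            if ZONE_RE.match(z):
                seen.setdefault(z, []).append(ip)
    new_state = {z: {"masters": ips, "missing_since": None}
                 for z, ips in seen.items()}
    removed = []
    for z, entry in state.items():
        if z in seen:
            continue                      # still on a master, clock reset
        since = entry["missing_since"] or today
        if (today - since).days >= quarantine_days:
            removed.append(z)             # quarantine expired: drop the zone
        else:                             # keep serving it while quarantined
            new_state[z] = {"masters": entry["masters"], "missing_since": since}
    return new_state, sorted(removed)

def render_named_conf(state):
    """Emit one BIND slave zone stanza per zone still in the state."""
    out = []
    for z in sorted(state):
        masters = " ".join(f"{ip};" for ip in state[z]["masters"])
        out.append(f'zone "{z}" {{ type slave; masters {{ {masters} }}; '
                   f'file "slaves/{z}.db"; }};')
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    # Constructed sample: two masters, one entry that is not a valid name.
    sample = {"192.0.2.1": ["example.com", "Example.ORG."],
              "192.0.2.2": ["example.com", 'bad"; };']}
    st, _ = reconcile(sample, {}, date(2010, 7, 30), 7)
    print(render_named_conf(st), end="")
```

Because a missing zone is only dropped after the quarantine period, a master that is briefly unreachable or returns an empty list does not wipe the slave's configuration.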
