Transferring a Zone Programmatically

9.9.1 Problem

You want to transfer a zone within a computer program.

9.9.2 Solution

One of the easiest ways to work with DNS programmatically is to use Perl's Net::DNS module, whether you're looking up discrete records or transferring an entire zone. Here's a short Perl script to transfer a zone specified on the command line and print the results:

#!/usr/bin/perl -w

use Net::DNS;

# If the user didn't specify the domain name of a zone and the domain name
# or address of a name server to transfer from, exit
die "Usage: $0 <zone> <name server>\n" unless (@ARGV == 2);

# Create a resolver object
my $res = Net::DNS::Resolver->new;

# Use the specified name server
$res->nameservers($ARGV[1]);

# Transfer the zone
my @zone = $res->axfr($ARGV[0]);

# axfr returns an empty list on failure, so report why instead of
# silently printing nothing
die "Zone transfer failed: ", $res->errorstring, "\n" unless @zone;

# Print each record in the zone
foreach my $rr (@zone) {
    $rr->print;
}

9.9.3 Discussion

A more sophisticated script might require only the domain name of the zone, and would then look up the zone's NS records to find its authoritative name servers. And a more bulletproof script would do a whole lot more error checking.

Remember that you can only transfer a zone from a name server authoritative for that zone, and only if said name server allows you to. If you restrict zone transfers using TSIG, you can still use newer versions of Net::DNS to sign zone transfer requests. See Section 9.11 for details.

9.9.4 See Also

Section 9.11 for sending TSIG-signed requests.

DNS & BIND Cookbook
ISBN: 0596004109
EAN: 2147483647
Year: 2005
Pages: 220
Authors: Cricket Liu
