Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
axfrdns(8)		    System Manager's Manual		    axfrdns(8)

       axfrdns - a DNS zone-transfer server.

       axfrdns	reads  a zone-transfer request in DNS-over-TCP format from its
       standard	input, and responds with locally configured information.

       Normally	axfrdns	is set up by the axfrdns-conf(8) program.

       axfrdns runs chrooted in	the directory specified	by the $ROOT  environ-
       ment variable, under the	uid and	gid specified by the $UID and $GID en-
       vironment variables.

       Normally	axfrdns	runs under tcpserver(1)	to handle TCP  connections  on
       port 53 of a local IP address.

       tcpserver(1)  is	 responsible  for rejecting connections	from hosts not
       authorized to perform zone transfers.

       axfrdns can also	run under secure connection tools offering  an	UCSPI-
       compliant interface.

       axfrdns	looks up zone-transfer results in data.cdb, a binary file cre-
       ated by tinydns-data(8).	 It also responds to  normal  client  queries,
       such as SOA queries, which usually precede zone-transfer	requests.

       axfrdns allows zone transfers for any zone listed in the	$AXFR environ-
       ment variable.

       $AXFR is	a slash-separated list of domain names.	 If $AXFR is not  set,
       axfrdns allows zone transfers for all zones available in	data.cdb.

       axfrdns	aborts	if  it	runs  out  of  memory,	or has trouble reading
       data.cdb, or receives a request larger than 512 bytes,  or  receives  a
       truncated  request,  or	receives a zone-transfer request disallowed by
       $AXFR, or receives a request not	answered by data.cdb, or waits 60 sec-
       onds with nothing happening.

Further	notes on zone transfers
       axfrdns	provides  every	 record	 it can	find inside the	target domain.
       This may	include	records	in child zones.	 Some of these	records	 (such
       as  glue	 inside	a child	zone) are essential; others are	not.  It is up
       to the client to	decide which out-of-zone records to keep.

       axfrdns does not	provide	glue records outside the target	domain.

       The zone-transfer protocol does not support timestamps.	If a record is
       scheduled  to be	created	in the future, axfrdns does not	send it; after
       the starting time, the zone-transfer client will	continue claiming that
       the  record doesn't exist, until	it contacts axfrdns again.  Similarly,
       if a record is scheduled	to die in the future, axfrdns sends it (with a
       2-second	 TTL);	after  the  ending time, the zone-transfer client will
       continue	providing the old record, until	it contacts axfrdns again.

       Zone-transfer clients rely on zone serial numbers  changing  for	 every
       zone modification.

       tinydns-data(8)	uses the modification time of the data file as its se-
       rial number for all zones.  Do not make more than one modification  per

       BIND's zone-transfer client, named-xfer,	converts zone-transfer data to
       zone-file format.  Beware that zone-file	format has no  generic	mecha-
       nism to express records of arbitrary types;

       named-xfer  chokes  if  it  does	 not  recognize	 a record type used in

       axfrdns-conf(8),	tinydns-data(8), tcpserver(1)


NAME | DESCRIPTION | Configuration | Further notes on zone transfers | SEE ALSO

Want to link to this manual page? Use this URL:

home | help