axfr-get performs a zone transfer for domain
z. It writes the results to
fn.tmp in a format that can be used as input to
If the zone transfer completes successfully,
axfr-get atomically renames
fn must be on the same filesystem.
axfr-get writes the zone serial number as a comment at the top of
fn.tmp. It skips the zone transfer,
fn already exists,
fn has a serial number
matching the zone serial number,
and both serial numbers are nonzero.
Zone transfers often include duplicate records.
You should feed the
axfr-get results through
axfr-get discards all records outside the domain
z. It accepts records in child zones,
but it marks all child zones as non-authoritative, so
will not report those records except as glue.
If you plan to merge the
for a domain and a child of the same domain,
creating a file authoritative for both zones,
make sure to eliminate records in the first output
that are within the child zone.
axfr-get will accept arbitrarily large zone transfers.
To limit the maximum file size to 1 megabyte,
softlimit -f 1048576.
BINDs RFC-1034-violating multiple-answers zone-transfer format.
axfr-get does not precisely simulate BINDs handling of
*.dom. Under BIND, records for
*.dom do not apply to
anything.y.dom if there is a normal record for
the records apply to
axfr-get does not precisely simulate BINDs handling of multiple IP addresses
for a single name.
When there are more than 8 addresses,
selects a random set of 8 for each query.