[hcoop/zz_old/debian/djbdns.git] / debian / djbdns-man / axfrdns.8

.TH axfrdns 8

.SH NAME
axfrdns \- a DNS zone-transfer server.

.SH DESCRIPTION
.B axfrdns
reads a zone-transfer request
in DNS-over-TCP format from its standard input,
and responds with locally configured information.

.SH Configuration
Normally 
.B axfrdns
is set up by the
.BR axfrdns-conf (8)
program.

.B axfrdns
runs chrooted in the directory
specified by the 
.I $ROOT
environment variable,
under the uid and gid
specified by the 
.I $UID
and 
.I $GID
environment variables.

Normally 
.B axfrdns
runs under 
.BR tcpserver (1)
to handle TCP connections on port 53 of a local IP address.

.BR tcpserver (1)
is responsible for
rejecting connections from hosts not authorized to perform zone transfers.

.B axfrdns
can also run under secure connection tools
offering an UCSPI-compliant interface.

.B axfrdns
looks up zone-transfer results
in 
.IR data.cdb ,
a binary file created by
.BR tinydns-data (8).
It also responds to normal client queries,
such as SOA queries, which usually precede zone-transfer requests.

.B axfrdns
allows zone transfers
for any zone listed in the 
.I $AXFR
environment variable.

.I $AXFR
is a slash-separated list of domain names.
If 
.I $AXFR
is not set,
.B axfrdns
allows zone transfers for all zones
available in 
.IR data.cdb .

.B axfrdns
aborts
if it runs out of memory,
or has trouble reading 
.IR data.cdb ,
or receives a request larger than 512 bytes,
or receives a truncated request,
or receives a zone-transfer request disallowed by 
.IR $AXFR ,
or receives a request not answered by 
.IR data.cdb ,
or waits 60 seconds with nothing happening.

.SH Further notes on zone transfers

.B axfrdns
provides every record it can find inside the target domain.
This may include records in child zones.
Some of these records (such as glue inside a child zone) are essential;
others are not.
It is up to the client to decide which out-of-zone records to keep.

.B axfrdns
does not provide glue records outside the target domain.

The zone-transfer protocol does not support timestamps.
If a record is scheduled to be created in the future,
.B axfrdns
does not send it;
after the starting time,
the zone-transfer client will continue claiming that the record doesn't exist,
until it contacts 
.B axfrdns
again.
Similarly, if a record is scheduled to die in the future,
.B axfrdns
sends it (with a 2-second TTL);
after the ending time,
the zone-transfer client will continue providing the old record,
until it contacts 
.B axfrdns
again.

Zone-transfer clients rely on zone serial numbers
changing for every zone modification.

.BR tinydns-data (8)
uses the modification time of the 
.I data
file
as its serial number for all zones.
Do not make more than one modification per second.

BIND's zone-transfer client, 
.BR named-xfer ,
converts zone-transfer data to zone-file format.
Beware that zone-file format has no generic mechanism
to express records of arbitrary types;

.B named-xfer
chokes
if it does not recognize a record type used in 
.IR data.cdb .

.SH SEE ALSO
axfrdns-conf(8),
tinydns-data(8),
tcpserver(1)

http://cr.yp.to/djbdns.html
Commit	Line	Data
b4588d5c GP	1	.TH axfrdns 8
	2
	3	.SH NAME
	4	axfrdns \- a DNS zone-transfer server.
	5
	6	.SH DESCRIPTION
	7	.B axfrdns
	8	reads a zone-transfer request
	9	in DNS-over-TCP format from its standard input,
	10	and responds with locally configured information.
	11
	12	.SH Configuration
	13	Normally
	14	.B axfrdns
	15	is set up by the
	16	.BR axfrdns-conf (8)
	17	program.
	18
	19	.B axfrdns
	20	runs chrooted in the directory
	21	specified by the
	22	.I $ROOT
	23	environment variable,
	24	under the uid and gid
	25	specified by the
	26	.I $UID
	27	and
	28	.I $GID
	29	environment variables.
	30
	31	Normally
	32	.B axfrdns
	33	runs under
	34	.BR tcpserver (1)
	35	to handle TCP connections on port 53 of a local IP address.
	36
	37	.BR tcpserver (1)
	38	is responsible for
	39	rejecting connections from hosts not authorized to perform zone transfers.
	40
	41	.B axfrdns
	42	can also run under secure connection tools
	43	offering an UCSPI-compliant interface.
	44
	45	.B axfrdns
	46	looks up zone-transfer results
	47	in
	48	.IR data.cdb ,
	49	a binary file created by
	50	.BR tinydns-data (8).
	51	It also responds to normal client queries,
	52	such as SOA queries, which usually precede zone-transfer requests.
	53
	54	.B axfrdns
	55	allows zone transfers
	56	for any zone listed in the
	57	.I $AXFR
	58	environment variable.
	59
	60	.I $AXFR
	61	is a slash-separated list of domain names.
	62	If
	63	.I $AXFR
	64	is not set,
65	.B axfrdns
66	allows zone transfers for all zones
67	available in
68	.IR data.cdb .
69
70	.B axfrdns
71	aborts
72	if it runs out of memory,
73	or has trouble reading
74	.IR data.cdb ,
75	or receives a request larger than 512 bytes,
76	or receives a truncated request,
77	or receives a zone-transfer request disallowed by
78	.IR $AXFR ,
79	or receives a request not answered by
80	.IR data.cdb ,
81	or waits 60 seconds with nothing happening.
82
83	.SH Further notes on zone transfers
84
85	.B axfrdns
86	provides every record it can find inside the target domain.
87	This may include records in child zones.
88	Some of these records (such as glue inside a child zone) are essential;
89	others are not.
90	It is up to the client to decide which out-of-zone records to keep.
91
92	.B axfrdns
93	does not provide glue records outside the target domain.
94
95	The zone-transfer protocol does not support timestamps.
96	If a record is scheduled to be created in the future,
97	.B axfrdns
98	does not send it;
99	after the starting time,
100	the zone-transfer client will continue claiming that the record doesn't exist,
101	until it contacts
102	.B axfrdns
103	again.
104	Similarly, if a record is scheduled to die in the future,
105	.B axfrdns
106	sends it (with a 2-second TTL);
107	after the ending time,
108	the zone-transfer client will continue providing the old record,
109	until it contacts
110	.B axfrdns
111	again.
112
113	Zone-transfer clients rely on zone serial numbers
114	changing for every zone modification.
115
116	.BR tinydns-data (8)
117	uses the modification time of the
118	.I data
119	file
120	as its serial number for all zones.
121	Do not make more than one modification per second.
122
123	BIND's zone-transfer client,
124	.BR named-xfer ,
125	converts zone-transfer data to zone-file format.
126	Beware that zone-file format has no generic mechanism
127	to express records of arbitrary types;
128
129	.B named-xfer
130	chokes
131	if it does not recognize a record type used in
132	.IR data.cdb .
133
134	.SH SEE ALSO
135	axfrdns-conf(8),
136	tinydns-data(8),
137	tcpserver(1)
138
139	http://cr.yp.to/djbdns.html