(Sorry for the duplicate/reply without context).  See below.

On 21-Aug-23 11:11, Mark Elkins wrote:

Hi,

I'm writing some software to be able to read information from a Zone file. I am a legally authorised Secondary Authoritative Nameserver for a number of domains or rather zone files, eg. EDU.ZA (and others). Is there an easy way to:-

1) Count how many delegated domains there are (Names with NS records)

2) Extract the above Names - so I can look for changes (Added/Deleted names)

3) find out how many unique names have DS records (I can DIG I suppose)

I'd also like to spot broken stuff (named-checkzone ?)

So the zones (such as EDU.ZA) contain the domain name of the entity (whois.edu.za) along with the Nameserver records and in this case, a DS record. e.g... "whois.edu.za" looks like....

whois                              NS control.vweb.co.za.
                                   NS secdns1.posix.co.za.
                                   NS secdns2.posix.co.za.
                                   NS secdns3.posix.co.za.
                                   DS        27300 13 2 8ED21DB407F6AC3E6EA757AE566953C1BBADD8B652BE4C7C0744B1D7 9DF42894
                                   DS        17837 13 2 36FD5B19450B672988AE507FB7D2F948ED1E889546C6E16554C7EAF9 CE9C3FEA

One hindrance is that journal files are present - so it is not just the zone file but the zone.jnl file as well.

Some African ccTLDs have everything in one zone e.g. their COM, EDU, GOV - etc. In South Africa, these are all separate zones, making life somewhat easier.

I'd hate to re-invent software that already exists.

The primary purpose is to pull in data into an (ICANN requested) African DNS Observatory.


--

Mark James ELKINS  -  Posix Systems - (South) Africa
m...@posix.co.za Tel: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za

Mark,

a) Use named-compilezone to extract the zone with journals applied.

b) my favorite: do an axfr of the zone, which gives the correct data with all the pseudo-ops expanded

c) Use a library - I use Perl's Net::DNS - and write code to do the axfr & walk the zone - it allows you to access fields in the records.

https://github.com/tlhackque/certtools has a simple utility called acme_token_check that does (c) to remove stray ACME records - it shows how to do the transfer and walk the zone. (And also how to use DNS UPDATE to maintain it.)

Enjoy.


Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.
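
An added example, not part of either message above and not code from certtools: Python (rather than the Perl mentioned in the reply) that walks a transfer listing already saved as text and answers the three questions asked, plus one consistency check. It assumes one record per line with TTL and class present on every line; the function names, sample names, addresses and DS digests are constructed for illustration.

```python
from collections import defaultdict

DIGEST = "0" * 64  # placeholder SHA-256 digest, not a real DS value

# Constructed sample, one record per line: owner TTL class type rdata.
SAMPLE_AXFR = f"""\
; constructed AXFR-style listing for illustration
edu.za. 3600 IN SOA ns1.example.net. hostmaster.example.net. 1 3600 600 86400 3600
edu.za. 3600 IN NS ns1.example.net.
alpha.edu.za. 3600 IN NS ns1.example.net.
alpha.edu.za. 3600 IN NS ns2.example.net.
alpha.edu.za. 3600 IN DS 11111 13 2 {DIGEST}
alpha.edu.za. 3600 IN DS 22222 13 2 {DIGEST}
beta.edu.za. 3600 IN NS ns1.beta.edu.za.
ns1.beta.edu.za. 3600 IN A 192.0.2.53
Gamma.EDU.ZA. 3600 IN NS ns1.example.net.
delta.edu.za. 3600 IN DS 33333 13 2 {DIGEST}
edu.za. 3600 IN SOA ns1.example.net. hostmaster.example.net. 1 3600 600 86400 3600
"""

def summarize(text, origin):
    """Return delegated names, delegated names with DS, and DS without NS."""
    origin = origin.lower().rstrip(".") + "."
    types = defaultdict(set)  # owner name (lower-cased) -> record types seen
    for line in text.splitlines():
        # Only owner and type are used, so cutting at ';' is safe even if
        # some rdata (e.g. TXT) contains a semicolon.
        fields = line.split(";", 1)[0].split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue
        types[fields[0].lower()].add(fields[3].upper())
    # NS at the zone apex is the zone's own NS set, not a delegation.
    delegated = sorted(n for n, t in types.items() if "NS" in t and n != origin)
    signed = sorted(n for n in delegated if "DS" in types[n])
    # A DS with no NS at the same name is a broken delegation worth flagging.
    orphan_ds = sorted(n for n, t in types.items() if "DS" in t and "NS" not in t)
    return {"delegated": delegated, "signed": signed, "orphan_ds": orphan_ds}

def diff_delegations(old, new):
    """Names added and deleted between two runs' 'delegated' lists."""
    return sorted(set(new) - set(old)), sorted(set(old) - set(new))

if __name__ == "__main__":
    result = summarize(SAMPLE_AXFR, "edu.za")
    print(len(result["delegated"]), "delegated,", len(result["signed"]), "with DS")
    print("DS without NS:", result["orphan_ds"])
```
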


-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

