Ancillary agent for inbound zone transfers


named-xfer  -z zone_to_transfer 
            -f db_file 
           [-C class] 
           [-d debuglevel] 
           [-i ixfr_file] 
           [-l debug_log_file]
           [-p port_number] 
           [-s serial_no] 
           [-T tsig_info_file] 
           [-t trace_file] 
           [-x axfr-src] 
           nameserver... [[axfr] | [ixfr]]

Runs on:



-C class
Request an RR from the class "in" (the default), "hs," or "chaos".
-d debuglevel
Print debugging information. The debuglevel is a number determined by the level of messages printed.
-i ixfr_file
Specify the name of the file where zone changes from the Incremental Zone Transfer (IXFR) should be dumped when it's received from the primary server.
-f db_file
Specify the name of the zone data file into which the zone should be dumped when it's received from the primary server.
-l debug_log_file
Specify a log file for debugging messages. The default is system-dependent but is usually in /var/tmp or /usr/tmp. This option only applies if the -d option is specified.
-p port_number
Use a different port_number. The default is the standard port number returned by getservbyname().
Quiet mode.
Perform a restricted transfer of only the SOA, NS records and glue A records for the zone. The SOA record isn't loaded by named but is used to determine when to verify the NS records.
-s serial_no
Specify the serial number of our current copy of this zone. If the SOA RR from the primary server doesn't have a serial number higher than this, the transfer is aborted.
-T tsig_info_file
Info file that contains the TSIG (transaction signature) entries that are required for server authentication. For more information, see the section on the TSIG info file in the Description.
-t trace_file
Specify a trace_file that contains a protocol trace of the zone transfer. This is probably only of interest to people debugging the name server itself.
-x axfr-src
Local address of the zone transfer connection.
-z zone_to_transfer
Specify the name of the zone to be transferred.
Specify the name server.

Additional arguments are taken as name server addresses in so-called "dotted-quad" syntax only; no hostnames are allowed here. At least one address must be specified. Any additional addresses are tried, in order, if the first one fails to transfer to us successfully.

Perform a full zone transfer.
Perform an incremental zone transfer.


The named-xfer program is executed by named to perform an inbound zone transfer. It's rarely executed directly, and then only by system administrators who are trying to debug a zone transfer problem. See RFCs 1033, 1034, and 1035 for more information on the Internet name domain system.

The TSIG info file

The TSIG (transaction signatures) info file is used by named when performing zone transfers; it can be used for debugging purposes. The format of the entries in the file are as follows:

IP address of the nameserver.
Request this zone.
Use this algorithm (decimal). Currently only 157 is supported (HMAC-MD5).
The TSIG key used by the server to authenticate.

For example:

When named-xfer is finished it deletes this file. This is the normal operation when it's used with named.

See also:

hostname, named, /etc/named.conf

RFC 882, RFC 883, RFC 973, RFC 974, RFC 1033, RFC 1034, RFC 1035, RFC 1123