transfer

package
Version: v1.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2022 License: Apache-2.0 Imports: 13 Imported by: 11

README

transfer

Name

transfer - perform (outgoing) zone transfers for other plugins.

Description

This plugin answers zone transfers for authoritative plugins that implement transfer.Transferer.

transfer answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests with AXFR fallback if the zone has changed.

When a plugin wants to notify it's secondaries it will call back into the transfer plugin.

The following plugins implement zone transfers using this plugin: file, auto, secondary, and kubernetes. See transfer.go for implementation details if you are a plugin author that wants to use this plugin.

Syntax

transfer [ZONE...] {
  to ADDRESS...
}
  • ZONE The zones transfer will answer zone transfer requests for. If left blank, the zones are inherited from the enclosing server block. To answer zone transfers for a given zone, there must be another plugin in the same server block that serves the same zone, and implements transfer.Transferer.

  • to ADDRESS... The hosts transfer will transfer to. Use * to permit transfers to all addresses. Zone change notifications are sent to all ADDRESS that are an IP address or an IP address and port e.g. 1.2.3.4, 12:34::56, 1.2.3.4:5300, [12:34::56]:5300. to may be specified multiple times.

You can use the acl plugin to further restrict hosts permitted to receive a zone transfer. See example below.

Examples

Use in conjunction with the acl plugin to restrict access to subnet 10.1.0.0/16.

...
  acl {
    allow type AXFR net 10.1.0.0/16
    allow type IXFR net 10.1.0.0/16
    block type AXFR net *
    block type IXFR net *
  }
  transfer {
    to *
  }
...

Each plugin that can use transfer includes an example of use in their respective documentation.

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrNotAuthoritative is returned by Transfer() when the plugin is not authoritative for the zone.
	ErrNotAuthoritative = errors.New("not authoritative for zone")
)

Functions

This section is empty.

Types

type Transfer

type Transfer struct {
	Transferers []Transferer // List of plugins that implement Transferer

	Next plugin.Handler
	// contains filtered or unexported fields
}

Transfer is a plugin that handles zone transfers.

func (Transfer) Name

func (Transfer) Name() string

Name implements the Handler interface.

func (*Transfer) Notify added in v1.8.0

func (t *Transfer) Notify(zone string) error

Notify will send notifies to all configured to hosts IP addresses. If the zone isn't known to t an error will be returned. The string zone must be lowercased.

func (*Transfer) ServeDNS

func (t *Transfer) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error)

ServeDNS implements the plugin.Handler interface.

type Transferer

type Transferer interface {
	// Transfer returns a channel to which it writes responses to the transfer request.
	// If the plugin is not authoritative for the zone, it should immediately return the
	// transfer.ErrNotAuthoritative error. This is important otherwise the transfer plugin can
	// use plugin X while it should transfer the data from plugin Y.
	//
	// If serial is 0, handle as an AXFR request. Transfer should send all records
	// in the zone to the channel. The SOA should be written to the channel first, followed
	// by all other records, including all NS + glue records. The implemenation is also responsible
	// for sending the last SOA record (to signal end of the transfer). This plugin will just grab
	// these records and send them back to the requester, there is little validation done.
	//
	// If serial is not 0, it will be handled as an IXFR request. If the serial is equal to or greater (newer) than
	// the current serial for the zone, send a single SOA record to the channel and then close it.
	// If the serial is less (older) than the current serial for the zone, perform an AXFR fallback
	// by proceeding as if an AXFR was requested (as above).
	Transfer(zone string, serial uint32) (<-chan []dns.RR, error)
}

Transferer may be implemented by plugins to enable zone transfers

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL