[net-dns-users] AXFR (was: Re: sep() and is_sep())

Calle Dybedahl calle at init.se
Mon Jun 2 12:34:43 UTC 2014

On 2 jun 2014, at 12:52, Dick Franks <rwfranks at acm.org> wrote:

> On 2 June 2014 08:31, Calle Dybedahl <calle at init.se> wrote:
> I just found that the interface to AXFR has also changed completely.
> Wild exaggeration.  TSIG verification has been added.  In all other respects, the API is unchanged.

In Net::DNS 0.74 there were methods in Net::DNS::Resolver called axfr_start and axfr_next. In 0.76 there no longer is. I do not agree that that counts as “unchanged”.

>    The redundant SOA record that terminates the zone transfer is not returned
>     to the caller.
> [perldoc Net::DNS::Resolver]

I’ve been working with another module for some time, and forgot about that. My apologies.

> 2) Returning all RRs in a single list rather than giving me one at a time
> $res->axfr() has always returned a single list.
> The internal axfr_start() and axfr_next() return a packet. This is necessary to perform TSIG verification. 

Maybe so, but the external axfr_next() returned Net::DNS::RR objects. From the Net::DNS::Resolver documentation for 0.74:


        while (my $rr = $res->axfr_next) {

    Reads records from a zone transfer one at a time.

We’ve been using code very close to that example to process the .SE zone with negligible memory usage. I have not tried to measure how much memory a list of 6.6 million RR objects would use, but I feel confident that it would not be negligible.

Calle Dybedahl
calle at init.se -*- +46 703 - 970 612

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/net-dns-users/attachments/20140602/cb9deb5a/attachment.htm>

More information about the net-dns-users mailing list