[net-dns-users] Parsing MS DNS zone files

Mon Oct 27 11:52:06 UTC 2014

On 27-Oct-14 00:02, Chris Buxton wrote:
> Hi,
>
> I'm trying to parse MS DNS zone files using Net::DNS::Zonefile, but
> it's having issues with two non-standard Microsoft additions to the
> format:
>
> 1. Age values. For example:
>
> _kerberos._tcp.direktion._sites.dc._msdcs [AGE:3627351] 600     SRV  
>   0 100 88        atzt0009.at.zurich.com <http://atzt0009.at.zurich.com>.
>
> 2. WINS records. For example:
>
> @                       0       WINS    L2 C900 (
>                                         192.168.47.221
>                                         192.168.47.222 )
>
> I don't actually need these data points. I just need to have
> Net::DNS::ZoneFile::read not fail (return null) when encountering
> them. I have a lot of this data, such that it would be painful to rely
> on manual remediation. Does anyone have any ideas?
>
> Thanks,
> Chris Buxton

I'm not an MS DNS admin expert - perhaps there's an 'export a standard
zonefile' utility somewhere.  A quick search didn't turn one up, but I
may have missed it.

One approach is to use axfr() instead of reading the file.  You can tell
the MS server not to transfer these records - there's a 'do not repicate
this record' checkbox somewhere.  See
http://technet.microsoft.com/en-us/library/cc784258(v=ws.10).aspx.

Or you can use Dick's approach and trap the exception - though I'd match
for these cases on the error string in case you trip on another error
from time to time.

I'd use axfr() if possible - that's the standard API to DNS.  M$
extensions are always a moving target.  At least you can beat them up if
that's broken.

If axfr() isn't allowed from the hosting server, or if these files
aren't served by one: I might even go as far as running a private M$
server with read-only access to these zone files, on a non-standard port
rather than forcibly read the files...

I really, really don't like chasing M$...

If at some point you need the WINS/WINS-R records, it wouldn't be hard
to write a Net::DNS class for them.  You might suggest an API for
registering a private class so that you don't have to patch the dispatch
hash.  Then you could submit it to CPAN - assuming the Net::DNS folks
don't take it.

Hmm, looks like a 5cent response to a 1cent question.  Oh, well.

Good luck.

-- 
This communication may not represent my employer's views,
if any, on the matters discussed. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/net-dns-users/attachments/20141027/04f4f11e/attachment.htm>