axfr2hosts is a tool meant to do a DNS zone transfer in a form of AXFR transaction of one or more zones towards a single DNS server and convert received A, AAAA and CNAME records from a DNS responses into a hosts file for a local use, for instance when DNS servers are unreachable and/or down.

By default hosts entries will be sorted its IP as a key and under each entry individual FQDNs will be sorted alphabetically.

If needed, axfr2hosts can also read and parse local RFC 1035 zones (for instance BIND 9 zone files) and process A and CNAME records into a hosts file as described above so that a zone transfer is not needed.

Either of:

• Ability to do a full zone transfer (AXFR), usually permitted with allow-transfer in BIND 9 or with allow-axfr-ips in PowerDNS,
• Permissions to read RFC 1035 zone files locally.

There are two ways of installing axfr2hosts:

Download your preferred flavor from the releases page and install manually, typically to /usr/local/bin/axfr2hosts.

go install github.com/dkorunic/axfr2hosts@latest

Usage: ./axfr2hosts [options] zone [zone2 [zone3 ...]] [@server[:port]]
  -cidr_list string
    	Use only targets from CIDR whitelist (comma separated list)
  -cpu_profile string
    	CPU profile output file
  -greedy_cname
    	Resolve out-of-zone CNAME targets (default true)
  -ignore_star
    	Ignore wildcard records (default true)
  -max_retries uint
    	Maximum DNS zone transfer attempts (default 3)
  -max_transfers uint
    	Maximum parallel zone transfers (default 10)
  -mem_profile string
    	memory profile output file
  -resolver_address string
    	DNS resolver (DNS recursor) IP address
  -resolver_timeout duration
    	DNS queries timeout (should be 2-10s) (default 10s)
  -strip_domain
    	Strip domain name from FQDN hosts entries
  -strip_unstrip
    	Keep both FQDN names and domain-stripped names
  -verbose
    	Enable more verbosity
1) If server was not specified, zones will be parsed as RFC 1035 zone files on a local filesystem,
2) We also permit zone=domain argument format to infer a domain name for zone files.

For more information visit project home: https://github.com/dkorunic/axfr2hosts

At minimum, a single zone and a single server are needed for any meaningful action.

Typical use case would be:

axfr2hosts dkorunic.net pkorunic.net @172.64.33.146

However the tool by default follows CNAMEs even if they are out-of-zone and resolves to one or more IP addresses if possible and lists all of them. That behaviour can be changed with -greedy_cname=false flag.

Also, by default tool lists wildcard (DNS labels containing *) like they are ordinary labels and that can be changed with -ignore_star=true flag, which simply skips over those records.

Finally if there is a need to list only a subset of records matching one or more CIDR ranges, -cidr_list flag can be used.

If there is a lot of zones that need to be fetched at once, tool works well with xargs. Individual zone errors will be displayed and such zones will be skipped over:

xargs axfr2hosts @nameserver < list

Maximum of concurrent zone transfers is limited by -max_transfers flag and defaults to 10, aligned with BIND 9 default (transfers-out in BIND 9 named.conf).

It is also possible to output hosts file with domain names stripped by using -strip_domain=true flag. It is also possible to keep both domain-stripped labels and FQDNs at the same time by using -strip_unstrip=true flag. When using many domains at once, either of these options do not make much sense.

It is also possible to directly process RFC 1035 zone files on a local filesystem when a nameserver is not been specified. We would typically recommend specifying a domain name manually by suffixing the zone file with = and domain name as shown below, as one inferred from a zone can possibly be invalid (due to lack of top-level $ORIGIN and/or all records being non-FQDN and/or being suffixed with @ macro):

axfr2hosts dkorunic.net.zone=dkorunic.net

In case you are wondering what dns: bad xfr rcode: 9 means, here is a list of DNS response codes: