<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>(Sorry for the duplicate/reply without context). See below.<br>
</p>
<div class="moz-cite-prefix">On 21-Aug-23 11:11, Mark Elkins wrote:<br>
</div>
<blockquote type="cite"
cite="mid:0d8c3a05-a45a-0e03-b11f-9d4f32ad618a@posix.co.za">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<p>Hi,</p>
<p>I'm writing some software to be able to read information from a
Zone file. I am a legally authorised Secondary Authoritative
Nameserver for a number of domains or rather zone files, eg.
EDU.ZA (and others). Is there an easy way to:-</p>
<p>1) Count how many delegated domains there are (Names with NS
records)</p>
<p>2) Extract the above Names - so I can look for changes
(Added/Deleted names)<br>
</p>
<p>3) find out how many unique names have DS records (I can DIG I
suppose)<br>
</p>
<p>I'd also like to spot broken stuff (named-checkzone ?)<br>
</p>
<p>So the zones (such as EDU.ZA) contain the domain name of the
entity (whois.edu.za) along with the Nameserver records and in
this case, a DS record. e.g... "whois.edu.za" looks like....</p>
<p>whois NS
control.vweb.co.za.<br>
NS
secdns1.posix.co.za.<br>
NS
secdns2.posix.co.za.<br>
NS
secdns3.posix.co.za.<br>
DS 27300 13 2
8ED21DB407F6AC3E6EA757AE566953C1BBADD8B652BE4C7C0744B1D7
9DF42894<br>
DS 17837 13 2
36FD5B19450B672988AE507FB7D2F948ED1E889546C6E16554C7EAF9
CE9C3FEA<br>
</p>
<p>One hindrance is that journal files are present - so it is not
just the zone file but the zone.jnl file as well.</p>
<p>Some African ccTLDs have everything in one zone e.g. their COM,
EDU, GOV - etc. In South Africa, these are all separate zones,
making life somewhat easier.<br>
</p>
<p>I'd hate to re-invent software that already exists.</p>
<p>The primary purpose is to pull in data into an (ICANN
requested) African DNS Observatory.<br>
</p>
<p><br>
</p>
<div class="moz-signature">-- <br>
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<title></title>
<p>Mark James ELKINS - Posix Systems - (South) Africa<br>
<a class="moz-txt-link-abbreviated moz-txt-link-freetext"
href="mailto:mje@posix.co.za" moz-do-not-send="true">mje@posix.co.za</a>
Tel: <a href="tel:+27826010496" moz-do-not-send="true">+27.826010496</a><br>
For fast, reliable, low cost Internet in ZA: <a
href="https://ftth.posix.co.za" moz-do-not-send="true"
class="moz-txt-link-freetext">https://ftth.posix.co.za</a><br>
</p>
</div>
</blockquote>
<p>Mark,<br>
</p>
<p>a) Use named-compilezone to extract the zone with journals
applied.</p>
<p>b) my favorite: do an axfr of the zone, which gives the correct
data with all the pseudo-ops expanded</p>
<p>c) Use a library - I use Perl's Net::DNS - and write code to do
the axfr & walk the zone - it allows you to access fields in
the records.</p>
<p><a href="https://github.com/tlhackque/certtools"
class="moz-txt-link-freetext">https://github.com/tlhackque/certtools</a>
has a simple utility called acme_token_check that does (c) to
remove stray ACME records - it shows how to do the transfer and
walk the zone. (And also how to use DNS UPDATE to maintain it.)</p>
<p> Enjoy.</p>
<p><br>
</p>
<pre class="moz-signature" cols="72">Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.
</pre>
<p></p>
<p></p>
<div id="grammalecte_menu_main_button_shadow_host" style="width:
0px; height: 0px;"></div>
</body>
</html>