support axfr record type for zone transfer in net.dns[] and net.dns.record[] items

XMLWordPrintable

    • Type: New Feature Request
    • Resolution: Unresolved
    • Priority: Minor
    • None
    • Affects Version/s: 2.4.1
    • Component/s: Agent (G)

      AXFR record type is useful to get a list of DNS records for a zone:

      $ dig -t axfr example.com @192.168.1.1 | head -10

; <<>> DiG 9.9.5-4-Debian <<>> -t axfr example.com @192.168.1.1
;; global options: +cmd
example.com.             86400   IN      SOA     ns1.example.com. admin.example.com. 2011100600 3600 1800 604800 3600
example.com.             86400   IN      NS      ns1.example.com.
alice.example.com.       86400   IN      A       192.168.1.2
bob.example.com.         86400   IN      A       192.168.1.3
bob.example.com.         86400   IN      A       192.168.1.4
bob.example.com.         86400   IN      AAAA    38a1::3
bob.example.com.         86400   IN      AAAA    38a1::4
...

      Not all DNS servers allow zone transfer, because that might not be good from a security perspective.

      So AXFR support in Zabbix agent would be useful for monitoring the DNS security setup, as well as zone content, too.

            Assignee:
            Zabbix Development Team
            Reporter:
            Aleksandrs Saveljevs
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: