
1531 - Performing DNS Zone Transfers

Scenario

In this lab, you will practice DNS zone transfers to understand DNS operations better. The zones are already set up for practice. You will perform a zone transfer against a forward and a reverse mapping zone using the name server mimosa.techblue.io.

Estimated Completion Time

  • 10 to 15 minutes

Requirements

  • Access to the online tool Dig Web Interface or a system with the dig command-line tool installed and internet access

Course References

  • 2303: Exploring DNS Authoritative Data

Tasks

We suggest using the Dig Web Interface for this lab, as the Dig tool may not be installed on all machines.

Task 1: Performing Zone Transfer against Forward Mapping Zone

  1. Use the Dig Web Interface to perform a zone transfer for the forward mapping zone axfr.ddi.ninja using the name server mimosa.techblue.io. If you already have dig installed on your system, you may run the same transfer from Command Prompt or Terminal instead.

Task 2: Performing Zone Transfer against Reverse Mapping Zone 

  1. Use the Dig Web Interface to perform a zone transfer for the reverse mapping zone 53.31.172.in-addr.arpa using the name server mimosa.techblue.io. If you already have dig installed on your system, you may run the same transfer from Command Prompt or Terminal instead.


Solutions

Task 1 Solution: Performing Zone Transfer against Forward Mapping Zone

You can perform a zone transfer using one of the following methods:

Using Dig Web Interface:

  1. Access Dig Web Interface using a web browser.

  2. Enter axfr.ddi.ninja in the "Hostnames or IP addresses" field.

  3. Select AXFR in the "Type" dropdown.

  4. Enter mimosa.techblue.io in the "Nameservers" field and select "Specify myself".

  5. Click Dig.


Using Terminal (Linux and macOS):

  1. Open the terminal on your system.

    • Linux: Press Ctrl + Alt + T to open the terminal.

    • macOS: Press Command + Space, type Terminal, and press Enter.

  2. Run the following command: dig axfr axfr.ddi.ninja. @mimosa.techblue.io.

Using Command Prompt (Windows):

  1. Open the Command Prompt by pressing Win + R, typing cmd, and pressing Enter.

  2. If you have dig installed, run the following command: dig axfr axfr.ddi.ninja. @mimosa.techblue.io.

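The output will list all records within the specified zone. The zone's SOA record appears twice, as the first and the last record, which marks the start and end of the transfer.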

CODE
axfr.ddi.ninja.		3600 IN	SOA polaris.techblue.io. training-tech.infoblox.com. (
				49         ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				2419200    ; expire (4 weeks)
				900        ; minimum (15 minutes)
				)
axfr.ddi.ninja.		3600 IN	AAAA 2001:db8::53:10
axfr.ddi.ninja.		3600 IN	A 172.31.53.10
axfr.ddi.ninja.		3600 IN	CAA 0 issuewild "comodoca.com"
axfr.ddi.ninja.		3600 IN	CAA 0 issue "letsencrypt.org"
axfr.ddi.ninja.		3600 IN	CAA 0 iodef "mailto:admin@axfr.ddi.ninja"
axfr.ddi.ninja.		3600 IN	TXT "AXFR test zone for axfr.ddi.ninja"
axfr.ddi.ninja.		3600 IN	NS kochab.techblue.io.
axfr.ddi.ninja.		3600 IN	NS pollux.techblue.io.
axfr.ddi.ninja.		3600 IN	NS mimosa.techblue.io.
axfr.ddi.ninja.		3600 IN	NS castor.techblue.io.
axfr.ddi.ninja.		3600 IN	MX 10 mail.axfr.ddi.ninja.
axfr.ddi.ninja.		3600 IN	MX 20 backupmail.axfr.ddi.ninja.
axfr.ddi.ninja.		3600 IN	MX 30 tertiarymail.axfr.ddi.ninja.
_ldap._tcp.axfr.ddi.ninja. 3600	IN SRV 0 10 389 ldap.axfr.ddi.ninja.
app.axfr.ddi.ninja.	3600 IN	AAAA 2001:db8::53:21
app.axfr.ddi.ninja.	3600 IN	A 172.31.53.21
backup.axfr.ddi.ninja.	3600 IN	A 172.31.53.199
backupmail.axfr.ddi.ninja. 3600	IN A 172.31.53.25
blog.axfr.ddi.ninja.	3600 IN	CNAME www.axfr.ddi.ninja.
contact.axfr.ddi.ninja.	3600 IN	TXT "For issues, contact admin@axfr.ddi.ninja"
dev.axfr.ddi.ninja.	3600 IN	AAAA 2001:db8::53:22
dev.axfr.ddi.ninja.	3600 IN	A 172.31.53.22
ftp.axfr.ddi.ninja.	3600 IN	AAAA 2001:db8::53:12
ftp.axfr.ddi.ninja.	3600 IN	A 172.31.53.12
ldap.axfr.ddi.ninja.	3600 IN	A 172.31.53.15
mail.axfr.ddi.ninja.	3600 IN	AAAA 2001:db8::53:11
mail.axfr.ddi.ninja.	3600 IN	A 172.31.53.11
shop.axfr.ddi.ninja.	3600 IN	CNAME www.axfr.ddi.ninja.
staging.axfr.ddi.ninja.	3600 IN	AAAA 2001:db8::53:23
staging.axfr.ddi.ninja.	3600 IN	A 172.31.53.23
tertiarymail.axfr.ddi.ninja. 3600 IN A 172.31.53.26
user_access.axfr.ddi.ninja. 3600 IN TXT	"policy=restricted; level=admin"
www.axfr.ddi.ninja.	3600 IN	CNAME axfr.ddi.ninja.
axfr.ddi.ninja.		3600 IN	SOA polaris.techblue.io. training-tech.infoblox.com. (
				49         ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				2419200    ; expire (4 weeks)
				900        ; minimum (15 minutes)
				)

Task 2 Solution: Performing Zone Transfer against Reverse Mapping Zone 

You can perform a zone transfer using one of the following methods:

Using Dig Web Interface:

  1. Access Dig Web Interface using a web browser.

  2. Enter 53.31.172.in-addr.arpa in the "Hostnames or IP addresses" field.

  3. Select AXFR in the "Type" dropdown.

  4. Enter mimosa.techblue.io in the "Nameservers" field.

  5. Click Dig.


Using Terminal (Linux and macOS):

  1. Open the terminal on your system.

    • Linux: Press Ctrl + Alt + T to open the terminal.

    • macOS: Press Command + Space, type Terminal, and press Enter.

  2. Run the following command: dig axfr 53.31.172.in-addr.arpa. @mimosa.techblue.io.

Using Command Prompt (Windows):

  1. Open the Command Prompt by pressing Win + R, typing cmd, and pressing Enter.

  2. If you have dig installed, run the following command: dig axfr 53.31.172.in-addr.arpa. @mimosa.techblue.io.

The output will list all records within the specified zone.

CODE
53.31.172.in-addr.arpa.	3600 IN	SOA polaris.techblue.io. training-tech.infoblox.com. (
				18         ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				2419200    ; expire (4 weeks)
				900        ; minimum (15 minutes)
				)
53.31.172.in-addr.arpa.	3600 IN	NS kochab.techblue.io.
53.31.172.in-addr.arpa.	3600 IN	NS pollux.techblue.io.
53.31.172.in-addr.arpa.	3600 IN	NS mimosa.techblue.io.
53.31.172.in-addr.arpa.	3600 IN	NS castor.techblue.io.
10.53.31.172.in-addr.arpa. 3600	IN PTR axfr.ddi.ninja.
11.53.31.172.in-addr.arpa. 3600	IN PTR mail.axfr.ddi.ninja.
12.53.31.172.in-addr.arpa. 3600	IN PTR ftp.axfr.ddi.ninja.
15.53.31.172.in-addr.arpa. 3600	IN PTR ldap.axfr.ddi.ninja.
199.53.31.172.in-addr.arpa. 3600 IN PTR	backup.axfr.ddi.ninja.
21.53.31.172.in-addr.arpa. 3600	IN PTR app.axfr.ddi.ninja.
22.53.31.172.in-addr.arpa. 3600	IN PTR dev.axfr.ddi.ninja.
23.53.31.172.in-addr.arpa. 3600	IN PTR staging.axfr.ddi.ninja.
25.53.31.172.in-addr.arpa. 3600	IN PTR backupmail.axfr.ddi.ninja.
26.53.31.172.in-addr.arpa. 3600	IN PTR tertiarymail.axfr.ddi.ninja.
53.31.172.in-addr.arpa.	3600 IN	SOA polaris.techblue.io. training-tech.infoblox.com. (
				18         ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				2419200    ; expire (4 weeks)
				900        ; minimum (15 minutes)
				)
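
The two transfers can be checked against each other. The following Python is an added example, not part of the original lab: it parses dig's AXFR output (including the multi-line SOA and quoted TXT data), confirms that a capture is framed by the same SOA at both ends, and lists A records that have no matching PTR. The sample data is excerpted from the outputs above, except orphan.axfr.ddi.ninja., which is constructed to show a mismatch; the function names are this example's own.

```python
import ipaddress
import re

# SOA in the multi-line form dig prints in this lab; zone and serial filled in below.
SOA = """{zone} 3600 IN SOA polaris.techblue.io. training-tech.infoblox.com. (
                {serial}         ; serial
                10800      ; refresh (3 hours)
                3600       ; retry (1 hour)
                2419200    ; expire (4 weeks)
                900        ; minimum (15 minutes)
                )
"""
FWD_SOA = SOA.format(zone="axfr.ddi.ninja.", serial=49)
REV_SOA = SOA.format(zone="53.31.172.in-addr.arpa.", serial=18)
# Excerpts of the lab output. orphan.axfr.ddi.ninja. is constructed, not in the zone.
FORWARD = FWD_SOA + """axfr.ddi.ninja. 3600 IN A 172.31.53.10
user_access.axfr.ddi.ninja. 3600 IN TXT "policy=restricted; level=admin"
orphan.axfr.ddi.ninja. 3600 IN A 172.31.53.77
""" + FWD_SOA
REVERSE = REV_SOA + """10.53.31.172.in-addr.arpa. 3600 IN PTR axfr.ddi.ninja.
""" + REV_SOA

def parse(text):
    """Return [(owner, type, rdata)] from dig output, joining ( ... ) continuation lines."""
    records, buf, depth = [], "", 0
    def clean(m):
        nonlocal depth
        if m[0][0] == '"':
            return m[0]                        # keep quoted data, even if it contains ';'
        depth += {"(": 1, ")": -1}.get(m[0], 0)
        return " "                             # drop comments and grouping parentheses
    for line in text.splitlines():
        buf += " " + re.sub(r'"[^"]*"|;.*|[()]', clean, line)
        if depth == 0 and buf.strip():
            owner, _ttl, _cls, rtype, rdata = buf.split(None, 4)
            records.append((owner.lower(), rtype, " ".join(rdata.split())))
            buf = ""
    return records

def transfer_complete(records):
    """A complete AXFR capture starts and ends with the same SOA record."""
    return len(records) >= 2 and records[0][1] == "SOA" and records[0] == records[-1]

def missing_ptr(forward, reverse):
    """A records whose address has no PTR pointing back at the same owner name."""
    ptrs = {(o, d.lower()) for o, t, d in reverse if t == "PTR"}
    rev = lambda ip: ipaddress.ip_address(ip).reverse_pointer + "."
    return [(o, d) for o, t, d in forward if t == "A" and (rev(d), o) not in ptrs]
```

Run against the full outputs shown in this lab, missing_ptr returns an empty list: every A record in axfr.ddi.ninja has a matching PTR in 53.31.172.in-addr.arpa.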


