axfrdns runs chrooted in the directory specified by the $ROOT environment variable, under the uid and gid specified by the $UID and $GID environment variables.
Normally axfrdns runs under tcpserver or sslserver to handle TCP connections on port 53 of a local IP address.
tcpserver and sslserver are responsible for rejecting connections from hosts not authorized to perform zone transfers.
axfrdns looks up zone-transfer results in data.cdb, a binary file created by tinydns-data. It also responds to normal client queries, such as SOA queries, which usually precede zone-transfer requests.
axfrdns allows zone transfers for any zone listed in the $AXFR environment variable.
$AXFR is a slash-separated list of domain names. If $AXFR is not set, axfrdns allows zone transfers for all zones available in data.cdb.
axfrdns aborts if it runs out of memory, or has trouble reading data.cdb, or receives a request larger than 512 bytes, or receives a truncated request, or receives a zone-transfer request disallowed by $AXFR, or receives a request not answered by data.cdb, or waits 60 seconds with nothing happening.
axfrdns does not provide glue records outside the target domain.
The zone-transfer protocol does not support timestamps. If a record is scheduled to be created in the future, axfrdns does not send it; after the starting time, the zone-transfer client will continue claiming that the record doesn't exist, until it contacts axfrdns again. Similarly, if a record is scheduled to die in the future, axfrdns sends it (with a 2-second TTL); after the ending time, the zone-transfer client will continue providing the old record, until it contacts axfrdns again.
Zone-transfer clients rely on zone serial numbers changing for every zone modification.
tinydns-data uses the modification time of the data file as its serial number for all zones. Do not make more than one modification per second.
BIND's zone-transfer client, named-xfer, converts zone-transfer data to zone-file format. Beware that zone-file format has no generic mechanism to express records of arbitrary types; named-xfer chokes if it does not recognize a record type used in data.cdb.