Convert zone files from the BIND DNS server into configs for djbdns's tinydns
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


bind-to-tinydns                               Daniel Erat <>

An important note
I wrote this program more than ten years ago and don't trust its management of
memory used to store strings. If you plan to use it to convert untrusted data, I
strongly recommend that you use a different program or port this one to a
language that has a built-in string type (Go would be a good choice).

What it does / Why it does it
This program attempts to convert a BIND 9 zone file into the tinydns-data
format natively used by the tinydns component of Dan Bernstein's djbdns
package (  This can be useful if you need to
periodically convert zones that are stored in BIND format to tinydns format
and you don't have the willingness or the oodles of memory needed to run a
copy of BIND from which you can slave the zones with axfr-get (think >100
MB DNSbl zones, for instance).  For one-time conversions, you should
instead use the AXFR procedure described by Dan

Getting / Compiling
The newest version of this program is available from my homepage
(  After downloading the source, extract it and run
"make".  Copy bind-to-tinydns wherever you want after this (I would
recommend /usr/local/bin).  Edit the Makefile and source or email me if it
doesn't work.

bind-to-tinydns is invoked in the following manner:

  bind-to-tinydns <origin> <output file> <temp file>

The BIND zone is read from STDIN.  To convert a BIND zone file named
"input" containing the zone "" to a tinydns-data file named
"output", you would run:

  bind-to-tinydns output output.tmp <input

If the conversion is successful, the program exits with a return value of
0.  Otherwise, it exits with a return value of 1 (after deleting the
temporary file).  It will abort if the temporary file already exists.

I've only tested this program on Linux.  I hope that it will work on most
UNIX systems.  Please let me know if it doesn't.

The zone file format described in RFC 1035, and by extension, the one used
by BIND, is not parser-friendly.  Without making this program a bigger mess
than it already is, I've tried to make it as close to BIND 9 as possible in
what it accepts and how it interprets data.  I am aware of the following

- Missing SOA records in zone files do not cause failure.
- Missing NS records in zone files do not cause failure.
- RRs that occur before $TTL directives and before any SOA records do
  not cause failure or warnings (a default TTL of 86400, rather than
  that of the MINIMUM value of the SOA's rdata, is used).
- The parser does not reject or modify RRs with the same owner that
  have different TTLs.
- IN is the only supported record class.  Records in other classes are
- The only supported record types are SOA, NS, MX, A, CNAME, PTR, TXT,
  SRV, and AAAA.  AAAA support is not well-tested.  Records of other types
  are ignored.
- The $INCLUDE directive is not supported, and causes failure.

If you find additional differences (or worse yet, input that makes the
program crash or go into an infinite loop), or if any of these differences
bug you, please let me know so I can fix the problem.

Version History / Changelog
0.3   20030521  Initial release.
0.4   20030601  Added a string structure and modified functions to use it,
                yielding simpler, safer code and a 33% performance increase
                when processing the TXT-record heavy
                zone.  Spun off tokenizing and parsing/emitting sections of
                main() into new functions.  Tried to mitigate
                aforementioned safety by adding a bunch of nasty code to
                handle $GENERATE directives (including ${offset,width,base}
                parameters).  The program now accepts lines with
                unterminated double- or backslash-quoted strings, but
                prints a warning.  Fixed a silly bug that would allow
                specific out-of-zone data through.
0.4.1 20030608  Fixed a stupid typo that prevented too-large TTLs in RRs
                from being detected.  Changed str_to_uint() to behave
                closer to the way that my other string-handling functions
                behave.  Added size checks for time values in SOA RDATA.
0.4.2 20040326  Mariano Absatz <> wrote that he came
                across some zone files generated by Microsoft's DNS software
                that had invalid (too large) TTL values.  Made his
                recommended changes, so the program spits out a warning and
                uses the default TTL instead of exiting with a fatal error.
                I also made the program a bit more lenient in other places
                (RRs of unknown type are skipped with a warning message
                instead of causing failure, for example).  Thanks Mariano!
0.4.3 20050817  Ick, I can't believe that I wrote this ugly code. :(
                Fixed a bug that Rein <> ran into, where an
                origin of "." resulted in all records being declared

[For all subsequent changes, check the commit history at]