dig not giving me enough info

[JNicita]

Our company is in the process of taking over a website for a customer. We are attempting to mirror the domains zone file in preperation of the sites transfer. We want to mirror whats being served by the current web host. I know from the customer that there are multiple a records, cnames, and mx records. I am finding that trying to digg for them isnt giving me all the info I think I should be getting.

Is there a tool that will allow me to grab the entire zone file, or is the security of the DNS prevent this? I figure there must be a tool to or way to get all the entries for a particular domain.


Thanks

 

[elgrandeperro]

Become a fake secondary, and use the inherent named-transfer protocol. You will (might) need to add allow transfer (the secondary) ip to the acl list of the true master. That is what is probably blocking you.
(typically you are allowed to query but not to transfer).

 

[jyorgey]

You can run a dig command to see if the zone is allowing zone transfers:
dig @"customer DNS server" domain.com xfer

If you have permissions you will see the whole zone, normally on internet facing DNS servers, zone transfers are turned off.