## page was copied from DNS/RFC/5936

https://tools.ietf.org/html/rfc5936 DNS Zone Transfer Protocol (AXFR)

https://tools.ietf.org/html/rfc5936#page-15 3. Zone Contents

occluded names: "to close up or block off"

----

QNAME the name of the zone requested

2.2. AXFR Response

An AXFR response that is transferring the zone's contents will consist of a series (which could be a series of length 1) of DNS messages. In such a series, the first message MUST begin with the SOA resource record of the zone, and the last message MUST conclude with the same SOA resource record. Intermediate messages MUST NOT contain the SOA resource record.

From this as well, it is clear that a response can contain only a single zone.

{{{
3. Zone Contents
3.1. Records to Include
3.2. Delegation Records
3.3. Glue Records
 ?? Inconsistent glue records are an operational matter.
3.5. Occluded Names
}}}

6. Zone Integrity

if any error is detected, this data set MUST be deleted, and the AXFR client MUST continue to serve the previous version of the zone, if it did before.

Ensuring that an AXFR client does not accept a forged copy of a zone is important to the security of a zone. If a zone operator has the opportunity, protection can be afforded via dedicated links, physical or virtual via a VPN among the authoritative servers. But there are instances in which zone operators have no choice but to run AXFR sessions over the global public Internet.
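
The SOA framing rule from 2.2 and the discard-on-error rule from 6, sketched as a client-side check. This is an added example, not code from the RFC or from this wiki; the tuple record model, the function names and the example.com data are assumptions made for illustration.

```python
# Added example: AXFR client-side framing checks (RFC 5936 sections 2.2 and 6).
# Modelling assumption: a record is an (owner, rtype, rdata) tuple and a DNS
# message is a list of such records. All sample data below is constructed.

class AxfrError(Exception):
    """The response series violates the SOA framing rules."""

def _canon(rr):
    # Owner names compare case-insensitively; rdata is compared as given.
    return (rr[0].lower(), rr[1], rr[2])

def assemble_axfr(zone, messages):
    """Return the transferred records (opening SOA first) or raise AxfrError."""
    records, opening, closed = [], None, False
    for i, msg in enumerate(messages):
        for rr in map(_canon, msg):
            if opening is None:
                if rr[1] != "SOA" or rr[0] != zone.lower():
                    raise AxfrError("first message does not begin with the zone's SOA")
                opening = rr
                records.append(rr)
            elif closed:
                # An SOA seen earlier ended the zone, so this SOA was misplaced.
                raise AxfrError(f"message {i}: data after the closing SOA")
            elif rr[1] == "SOA":
                if rr != opening:
                    raise AxfrError(f"message {i}: SOA differs from the opening SOA")
                closed = True
            else:
                records.append(rr)
    if not closed:
        raise AxfrError("series ended without the closing SOA")
    return records

def apply_transfer(zone, messages, current):
    """Section 6: on any error drop the new data set and keep serving `current`."""
    try:
        return assemble_axfr(zone, messages), True
    except AxfrError:
        return current, False

SOA = ("example.com.", "SOA",
       "ns1.example.com. admin.example.com. 2024010101 3600 600 86400 300")
GOOD = [[SOA, ("example.com.", "NS", "ns1.example.com.")],
        [("ns1.example.com.", "A", "192.0.2.1")],
        [("www.example.com.", "A", "192.0.2.10"), SOA]]
TRUNCATED = GOOD[:2]                      # connection dropped before closing SOA
SOA_IN_MIDDLE = [GOOD[0], [SOA, ("x.example.com.", "A", "192.0.2.66")], GOOD[2]]
OLD_ZONE = [("example.com.", "SOA", "previous version, constructed")]
```

These checks reject truncated or malformed series only; they do not authenticate the server that sent them.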