This Python script compares multiple versions of DNS zone files in a directory.
It groups zone files by filename prefix, parses records with dnspython, and performs pairwise diffs between versions.
It outputs per-zone difference reports and global summary CSVs, helping to track changes across zone versions.
python zone_version_diff.py <zone_dir>
- zone_dir: Directory containing normalized zone files (e.g., db.example.com_1_canon).
Example:
python zone_version_diff.py ./zones
- Files must match the global pattern: *_<version>_canon
  Examples: db.example.com_1_canon, db.example.com_12_canon.txt
- The zone name is inferred from the filename prefix:
  db.example.com_1_canon → zone origin = example.com
- Groups zone files by prefix and version number.
- Parses records with dnspython:
  - Owner names → absolute lowercase FQDNs
  - TTLs → ignored
  - RR types in IGNORE_TYPES (default: SOA) → skipped
- Skips zones matching _msdcs.* if EXCLUDE_MSDCS = True.
- Compares records pairwise between all versions:
  - Writes per-zone only-in-vX files with differences.
  - Creates per-zone pairwise summary CSVs.
- Generates global reports:
  - filelist.txt → all matched files
  - zonelist.txt → unique zone list
  - GLOBAL_pairwise_summary.csv → summary of all diffs
  - errors.txt, note.txt
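
An added example (not the code of zone_version_diff.py) showing the grouping, normalization and pairwise comparison listed above, using only the standard library in place of dnspython. It assumes one record per line in the form owner TTL class type rdata; the function names and sample zones are constructed for illustration.

```python
import re
from itertools import combinations

# Filename shape from the README: <prefix>_<version>_canon, optional extension.
NAME_RE = re.compile(r"^(?P<prefix>.+)_(?P<version>\d+)_canon(?:\.\w+)?$")
IGNORE_TYPES = {"SOA"}  # README default

def group_versions(filenames):
    """Map zone origin -> {version: filename}; a leading 'db.' is stripped."""
    zones = {}
    for name in filenames:
        m = NAME_RE.match(name)
        if m:
            origin = re.sub(r"^db\.", "", m.group("prefix").lower())
            zones.setdefault(origin, {})[int(m.group("version"))] = name
    return zones

def normalize(text, origin):
    """Parse 'owner TTL class type rdata' lines into {(owner, type, rdata)}."""
    records = set()
    for line in text.splitlines():
        fields = line.split(None, 4)
        # Skip short lines, comments, $directives and ignored RR types.
        if len(fields) < 5 or fields[0][0] in ";$" or fields[3].upper() in IGNORE_TYPES:
            continue
        owner, _ttl, _cls, rrtype, rdata = fields
        owner = owner.lower()
        if owner == "@":
            owner = origin + "."
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}."  # relative name -> absolute FQDN
        records.add((owner, rrtype.upper(), rdata.strip()))  # TTL dropped
    return records

def pairwise_diff(record_sets):
    """{version: set} -> {(a, b): (only_in_a, only_in_b)} for every pair."""
    return {(a, b): (record_sets[a] - record_sets[b], record_sets[b] - record_sets[a])
            for a, b in combinations(sorted(record_sets), 2)}

# Constructed sample: v2 bumps the SOA serial, changes a TTL and owner case, repoints mail.
SOA = "example.com. 3600 IN SOA ns1.example.com. admin.example.com. {} 7200 900 1209600 300\n"
V1 = SOA.format(1) + "www 300 IN A 192.0.2.10\nmail.example.com. 300 IN A 192.0.2.20\n"
V2 = SOA.format(2) + "WWW.example.com. 60 IN A 192.0.2.10\nmail.example.com. 300 IN A 192.0.2.99\n"
SAMPLE = {"db.example.com_1_canon": V1, "db.example.com_2_canon.txt": V2}

def demo():
    files = group_versions(SAMPLE)["example.com"]
    sets = {v: normalize(SAMPLE[f], "example.com") for v, f in files.items()}
    return pairwise_diff(sets)  # only the repointed mail record differs
```

Because TTLs, SOA and owner-name case are normalized away, a non-empty only-in set points at an actual content change, here the repointed mail address.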
Output is written into a subdirectory of <zone_dir>:
dns_diff_report/
├── filelist.txt
├── zonelist.txt
├── GLOBAL_pairwise_summary.csv
├── errors.txt
├── note.txt
├── <zone>/
│   ├── <zone>_pairwise_summary.csv
│   ├── <zone>_v1-v2_only-in-v1.txt
│   ├── <zone>_v1-v2_only-in-v2.txt
│   └── ...
- Python 3
- Libraries: dnspython
Install:
pip install dnspython
- Ensure zone files are normalized (*_canon) before running.
- Only authoritative content is compared; TTLs and ignored RR types are excluded.
- Useful for regression testing, migration validation, and version auditing of DNS zones.
This script is covered under the repository’s main MIT License.