
HP OpenVMS Systems Documentation


Compaq TCP/IP Services for OpenVMS
Release Notes



C.11 Solving BIND Server Problems

To solve BIND server problems, see the following sections:

C.11.1 BIND Server Diagnostic Tools

The TCP/IP Services product provides the following utilities for diagnosing problems with the BIND server:

  • The dig utility
  • The host utility
  • The nslookup utility

The following sections describe these utilities.

Note

The nslookup utility is no longer recommended. Use the dig utility instead.

dig

Gathers information from the Domain Name System servers.


Format

dig [@server] [-option] [name] [type] [class] [queryopt...]

Description

dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name servers that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

Although dig normally is used with command-line arguments, it also has a batch mode of operation for reading lookup requests from a file. A brief summary of its command-line arguments and options is printed when the -h option is given. Unlike earlier versions of BIND, the BIND Version 9 implementation of dig allows multiple lookups to be issued from the command line.

Unless it is told to query a specific name server, dig tries each of the servers listed in your resolver configuration. When no command line arguments or options are given, dig performs an NS query for "." (the root).

dig has two modes: simple interactive mode, for a single query, and batch mode, which executes a query for each in a list of several query lines. All query options are accessible from the command line.

To get online help for the dig utility, enter the -h option on the command line. For example:


$ dig -h 

Parameters

@server

Specifies the name or IP address of the name server to query. This can be either an IPv4 address in dotted-decimal notation or an IPv6 address in colon-delimited notation. When the supplied server argument is a host name, dig resolves that name before querying that name server. If no server argument is provided, dig consults your resolver configuration and queries the name servers listed there. The reply from the name server that responds is displayed.

name

Specifies the name of the resource record to look up.

type

Indicates the type of query required (ANY, A, MX, SIG, and so forth). If the type parameter is not supplied, dig performs a lookup for an A record.

class

Specifies the DNS query class. The default is class IN (Internet).

Options

-b address

Sets the source IP address of the query to address. This must be a valid address on one of the host's network interfaces.

-c class

Specifies the query class. class is any valid class, such as HS for hesiod records or CH for CHAOSnet records. The default query class is IN (Internet).

-f filename

Makes dig operate in batch mode by reading a list of lookup requests to process from the specified file. The file contains a number of queries, one per line. Each entry in the file should be organized in the same way that dig queries are presented using the command-line interface.

-k filename

Allows you to sign the DNS queries sent by dig and their responses using transaction signatures (TSIG). Specify a TSIG key file for filename.

-p port

Allows you to specify a nonstandard port number. port is the port number that dig uses to send its queries instead of the standard DNS port number 53. You can use this option to test a name server that has been configured to listen for queries on a nonstandard port number.

-t type

Sets the query type to type, which can be any valid query type supported in BIND Version 9. The default query type is A, unless the -x option is supplied to indicate a reverse lookup. A zone transfer can be requested by specifying a type of AXFR. When an incremental zone transfer (IXFR) is required, type is set to ixfr=N. The incremental zone transfer contains the changes made to the zone since the serial number in the zone's SOA record was N.

-x addr

Specifies reverse lookups (mapping addresses to names). addr is either an IPv4 address in dotted-decimal notation or a colon-delimited IPv6 address. This option eliminates the need to provide the name, class, and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets the query type and class to PTR and IN, respectively. By default, IPv6 addresses are looked up using the IP6.ARPA domain and binary labels as defined in RFC 2874. To use the older RFC 1886 method using the IP6.INT domain and nibble labels, specify the -n (nibble) option.

-y name:key

Allows you to specify the TSIG key itself on the command line. name is the name of the TSIG key and key is the actual key. The key is a base-64 encoded string, typically generated by dnssec_keygen. When using TSIG authentication with dig, the name server that is queried needs to know the key and algorithm that is being used. In BIND, this is done by providing appropriate key and server statements in TCPIP$BIND.CONF.
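The reverse-lookup names that the -x option builds can be reproduced as follows. This is an added example, not part of the original documentation; the function name reverse_query is hypothetical, 2001:db8::1 is a constructed sample address, and the binary-label form uses the RFC 2673 bit-string text notation.

```python
import ipaddress

def reverse_query(addr, nibble=False):
    """Return (name, type, class) for a reverse lookup of addr, as -x describes."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        # IPv4: the four octets in reverse order under in-addr.arpa.
        name = ".".join(str(octet) for octet in reversed(ip.packed)) + ".in-addr.arpa"
    else:
        digits = ip.packed.hex()  # all 32 hex digits, leading zeros included
        if nibble:
            # RFC 1886 (the -n option): one label per hex digit,
            # least significant digit first, under IP6.INT.
            name = ".".join(reversed(digits)) + ".ip6.int"
        else:
            # RFC 2874 default: a single binary (bit-string) label under IP6.ARPA.
            name = "\\[x" + digits + "/128].ip6.arpa"
    # -x also sets the query type and class to PTR and IN.
    return name, "PTR", "IN"

if __name__ == "__main__":
    for sample in ("10.13.12.11", "2001:db8::1"):  # constructed sample addresses
        print(reverse_query(sample))
    print(reverse_query("2001:db8::1", nibble=True))
```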

Query Options

Each query option is identified by a keyword preceded by a plus sign (+). Some keywords set or reset an option. These can be preceded by the string no to negate the meaning of that keyword. Other keywords (like that which sets the timeout interval) assign values to options. These types of keywords have the form +keyword=value.

The query options are:

+[no]tcp

Specifies whether to use TCP when querying name servers. The default behavior is to use UDP unless an AXFR or IXFR query is requested, in which case a TCP connection is used.

+[no]vc

Specifies whether to use TCP when querying name servers. This alternate syntax to [no]tcp is provided for backward compatibility. (vc stands for virtual circuit.)

+[no]ignore

Ignores truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed.

+domain=name

Sets the search list to contain the single domain name, as if specified in a domain directive in your resolver configuration. Enables search list processing as if the search option were specified.

+[no]search

Specifies whether to use the search list defined by the path directive in your resolver configuration. By default, the search list is not used.

+[no]defname

This deprecated option is treated as a synonym for [no]search.

+[no]aaonly

This option does nothing. It is provided for compatibility with old versions of dig, in which it set an unimplemented resolver flag.

+[no]adflag

Specifies whether to set the AD (authentic data) bit in the query. The AD bit currently has a standard meaning only in responses, not in queries, but the ability to set the bit in the query is provided for completeness.

+[no]cdflag

Specifies whether to set the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses.

+[no]recursive

Toggles the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means dig normally sends recursive queries. Recursion is automatically disabled when the nssearch or trace query options are used.
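How the +[no]recursive, +[no]adflag and +[no]cdflag options map onto DNS header bits, and how +[no]tcp and +[no]ignore decide the transport, is sketched below. This is an added example, not code from dig or from the original documentation; the function names are hypothetical and the truncated reply is a constructed sample header.

```python
import struct

# Header flag bits: TC and RD from RFC 1035; AD and CD from the DNSSEC RFCs.
TC, RD, AD, CD = 0x0200, 0x0100, 0x0020, 0x0010
QTYPES = {"A": 1, "NS": 2, "SOA": 6, "PTR": 12, "MX": 15,
          "IXFR": 251, "AXFR": 252, "ANY": 255}

def build_query(name, qtype="A", qid=0x1234, recursive=True, adflag=False, cdflag=False):
    """Encode one question with the header bits the query options select."""
    flags = (RD if recursive else 0) | (AD if adflag else 0) | (CD if cdflag else 0)
    header = struct.pack("!6H", qid, flags, 1, 0, 0, 0)  # one question, no other records
    labels = [part for part in name.rstrip(".").split(".") if part]
    if any(len(part) > 63 for part in labels):
        raise ValueError("DNS labels are limited to 63 octets")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!2H", QTYPES[qtype], 1)  # class IN = 1

def header_flags(message):
    """Report the flag bits of a query or response header."""
    (flags,) = struct.unpack("!H", message[2:4])
    return {"TC": bool(flags & TC), "RD": bool(flags & RD),
            "AD": bool(flags & AD), "CD": bool(flags & CD)}

def transport(qtype, tcp=False):
    """UDP by default; TCP when +tcp/+vc is set or a zone transfer is requested."""
    return "tcp" if tcp or qtype in ("AXFR", "IXFR") else "udp"

def needs_tcp_retry(response, ignore=False):
    """A truncated UDP reply is retried over TCP unless +ignore is in effect."""
    return header_flags(response)["TC"] and not ignore

# Constructed sample: header of a truncated response (QR, TC, RD and RA set).
TRUNCATED_REPLY = struct.pack("!6H", 0x1234, 0x8380, 1, 0, 0, 0)

if __name__ == "__main__":
    print(header_flags(build_query("www.example.com", cdflag=True)))
    print(transport("AXFR"), needs_tcp_retry(TRUNCATED_REPLY))
```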

+[no]nssearch

Attempts to find the authoritative name servers for the zone containing the name being looked up. Displays the SOA record that each name server has for the zone.

+[no]trace

Toggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up, following referrals from the root servers and showing the answer from each server that was used to resolve the lookup.

+[no]cmd

Toggles the printing of the initial comment in the output identifying the version of dig and the query options that have been applied. This comment is printed by default.

+[no]short

Provides a terse answer. The default is to print the answer in verbose form.

+[no]identify

Specifies whether to show the IP address and port number that supplied the answer when the +short option is enabled. If terse answers are requested, the default is not to show the source address and port number of the server that provided the answer.

+[no]comments

Toggles the display of comment lines in the output. The defa

host

The host utility allows you to look up Internet host names. By default, the host utility converts between host names and Internet addresses, but its functionality can be extended with the use of options.


Format

host [-aCdlrTvw] [-c class] [-n] [-N ndots] [-R number] [-t type] [-W wait] name [server]

Description

The host utility is used to convert names to IP addresses and vice versa. When no arguments or options are given, the host utility prints a short summary of its command line arguments and options.

Parameters

name

Specifies the domain name that is to be looked up. It can also be a dotted-decimal IPv4 address or a colon-delimited IPv6 address, in which case the host utility performs a reverse lookup for that address by default.

[server]

Specifies the name or IP address of the name server that the host utility should query instead of the server or servers listed in your resolver configuration.

Options

-a

Equivalent to setting the -v option and asking the host utility to make a query of type ANY.

-C

Displays the SOA records for zone name from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone. The -C option must be enclosed in quotation marks. For example:


$ host -"C" name

-c class

Makes a DNS query of class class. This can be used to look up hesiod or CHAOSnet class resource records. The default class is IN (Internet).

-d

Specifies verbose output.

-l

Selects list mode. This makes the host utility perform a zone transfer for zone name. The argument is provided for compatibility with older implementations. This option is equivalent to making a query of type AXFR.

-n

Specifies that reverse lookups of IPv6 addresses should use the IP6.INT domain and nibble labels, as defined in RFC 1886. The default is to use IP6.ARPA and binary labels, as defined in RFC 2874.

-N number

Sets the number of dots that have to be in the zone name for it to be considered absolute. The default value is 1. Names with fewer dots are interpreted as relative names and are searched for in the domains listed in the search path defined in the resolver configuration.

-R number

Changes the number of UDP retries for a lookup. The value for number indicates how many times the host utility repeats a query that does not get answered. The default number of retries is 1. If number is negative or zero, the number of retries defaults to 1.

-r

Makes nonrecursive queries. Setting this option clears the RD (recursion desired) bit in the query that the host utility makes. This should mean that the name server receiving the query does not attempt to resolve name. The -r option enables host to mimic the behavior of a name server by making nonrecursive queries and expecting to receive answers to those queries that are usually referrals to other name servers.

-T

Uses a TCP connection when querying the name server. By default, the host utility uses UDP when making queries.

TCP is automatically selected for queries that require it, such as zone transfer (AXFR) requests.

-t type

Selects the query type. type can be any recognized query type, such as CNAME, NS, SOA, SIG, KEY, or AXFR. When no query type is specified, the host utility automatically selects an appropriate query type. By default, the host utility looks for A records, but if the -C option is specified, queries are made for SOA records. If name is a dotted-decimal IPv4 address or a colon-delimited IPv6 address, the host utility queries for PTR records.

-v

Generates verbose output.

-W wait

Makes the host utility wait for the number of seconds specified by wait before making the query. If wait is less than 1, the wait interval is set to 1 second.

-w

Waits forever for a reply. The time to wait for a response is set to the number of seconds given by the hardware's maximum value for an integer quantity.

C.11.2 Using NSLOOKUP to Query a Name Server

The nslookup utility is a debugging tool provided with BIND that allows anyone to directly query a name server and retrieve information. Use NSLOOKUP to determine whether your local name server is running correctly or to retrieve information from remote servers.

nslookup makes direct queries to name servers around the world to obtain DNS information, which includes the following:

  • Host names and addresses on the local domain
  • Host names and addresses on remote domains
  • Host names that serve as Mail Exchange (MX) records
  • Name servers for a specific zone

Note

The nslookup utility is deprecated. Compaq recommends that you use the dig utility instead.

For online information about using the nslookup utility, enter the following command:


$ HELP TCPIP_SERVICES NSLOOKUP 

