Annotation of src/usr.bin/dig/dig.1, Revision 1.1
1.1 ! florian 1: .\" $OpenBSD: dig.1,v 1.34 2020/01/20 20:56:57 florian Exp $
! 2: .\"
! 3: .\" Copyright (C) 2000-2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
! 4: .\"
! 5: .\" Permission to use, copy, modify, and/or distribute this software for any
! 6: .\" purpose with or without fee is hereby granted, provided that the above
! 7: .\" copyright notice and this permission notice appear in all copies.
! 8: .\"
! 9: .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
! 10: .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
! 11: .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
! 12: .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
! 13: .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
! 14: .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
! 15: .\" PERFORMANCE OF THIS SOFTWARE.
! 16: .\"
! 17: .Dd $Mdocdate: January 20 2020 $
! 18: .Dt DIG 1
! 19: .Os
! 20: .Sh NAME
! 21: .Nm dig
! 22: .Nd DNS lookup utility
! 23: .Sh SYNOPSIS
! 24: .Nm
! 25: .Op Pf @ Ar server
! 26: .Op Fl 46hiuv
! 27: .Op Fl b Ar address Ns Op Pf # Ar port
! 28: .Op Fl c Ar class
! 29: .Op Fl f Ar file
! 30: .Op Fl k Ar keyfile
! 31: .Op Fl p Ar port
! 32: .Op Fl q Ar name
! 33: .Op Fl t Ar type
! 34: .Op Fl x Ar addr
! 35: .Op Fl y Oo Ar hmac : Oc Ns Ar name : Ns Ar key
! 36: .Op Ar name
! 37: .Op Ar type
! 38: .Op Ar class
! 39: .Op Pf + Ar queryopt ...
! 40: .Sh DESCRIPTION
! 41: The
! 42: .Nm
! 43: command is a flexible tool for interrogating DNS name servers.
! 44: It performs DNS lookups and displays the answers that are returned from the name
! 45: servers that were queried.
! 46: Although
! 47: .Nm
! 48: is normally used with command line arguments, it also has a batch mode of
! 49: operation for reading lookup requests from a file.
! 50: When no command line arguments or options are given,
! 51: .Nm
! 52: will perform an NS query for '.' (the root).
! 53: .Pp
! 54: A typical invocation of
! 55: .Nm
! 56: looks like:
! 57: .Pp
! 58: .Dl dig @server [options] name type [class] [+queryopt]
! 59: .Bl -tag -width +queryopt
! 60: .It Pf @ Ar server
! 61: The name or IP address of the name server to query.
! 62: When the argument is a hostname,
! 63: .Nm
! 64: resolves that name before querying that name server.
! 65: If no
! 66: .Ar server
! 67: argument is provided,
! 68: .Nm
! 69: will try each of the servers listed in
! 70: .Xr resolv.conf 5 .
! 71: If no usable addresses are found,
! 72: .Nm
! 73: will send the query to the local host.
! 74: The reply from the name server that responds is displayed.
! 75: .It Ar name
! 76: The name of the resource record that is to be looked up.
! 77: .It Ar type
! 78: The type of query, as documented for
! 79: .Fl t .
! 80: The default is
! 81: .Cm A .
! 82: .It Ar class
! 83: The query class, as documented for
! 84: .Fl c .
! 85: The default is
! 86: .Cm IN .
! 87: .It Pf + Ar queryopt
! 88: One or more query options,
! 89: as documented in
! 90: .Sx QUERY OPTIONS ,
! 91: below.
! 92: .El
! 93: .Pp
! 94: The options are as follows:
! 95: .Bl -tag -width Ds
! 96: .It Fl 4
! 97: Use IPv4 only.
! 98: .It Fl 6
! 99: Use IPv6 only.
! 100: .It Fl b Ar address Ns Op Pf # Ar port
! 101: Set the source IP address of the query.
! 102: The
! 103: .Ar address
! 104: must be a valid address on one of the host's network interfaces, or
! 105: "0.0.0.0" or "::". An optional port may be specified by appending
! 106: "#<port>".
! 107: .It Fl c Ar class
! 108: Set the query class.
! 109: The default is
! 110: .Cm IN ;
! 111: other classes are
! 112: .Cm HS
! 113: for Hesiod records and
! 114: .Cm CH
! 115: for Chaosnet records.
! 116: .It Fl f Ar file
! 117: Batch mode:
! 118: .Nm
! 119: reads a list of lookup requests to process from the given
! 120: .Ar file .
! 121: Each line in the file should be organized in the same way they would be
! 122: presented as queries to
! 123: .Nm
! 124: using the command-line interface.
! 125: .It Fl h
! 126: Display a brief summary of command line arguments and options.
! 127: .It Fl i
! 128: Do reverse IPv6 lookups using the obsolete RFC 1886 IP6.INT domain, which is no
! 129: longer in use.
! 130: Obsolete bit string label queries (RFC 2874) are not attempted.
! 131: .It Fl k Ar keyfile
! 132: Sign queries using TSIG using a key read from the given file.
! 133: When using TSIG authentication with
! 134: .Nm ,
! 135: the name server that is queried needs to know the key and algorithm that is
! 136: being used.
! 137: In BIND, this is done by providing appropriate
! 138: .Ic key
! 139: and
! 140: .Ic server
! 141: statements in
! 142: .Pa named.conf .
! 143: .It Fl p Ar port
! 144: Send the query to a non-standard port on the server, instead of the defaut port
! 145: 53.
! 146: This option would be used to test a name server that has been configured to
! 147: listen for queries on a non-standard port number.
! 148: .It Fl q Ar name
! 149: The domain name to query.
! 150: This is useful to distinguish the
! 151: .Ar name
! 152: from other arguments.
! 153: .It Fl t Ar type
! 154: The resource record type to query.
! 155: It can be any valid query type.
! 156: If it is a resource record type supported in BIND 9, it can be given by the
! 157: type mnemonic (such as
! 158: .Cm NS
! 159: or
! 160: .Cm AAAA ) .
! 161: The default query type is
! 162: .Cm A ,
! 163: unless the
! 164: .Fl x
! 165: option is supplied to indicate a reverse lookup.
! 166: A zone transfer can be requested by specifying a type of
! 167: .Cm AXFR .
! 168: When an incremental zone transfer is required, set the
! 169: .Ar type
! 170: to
! 171: .Cm IXFR Ns = Ns Ar N .
! 172: The incremental zone transfer will contain the changes made to the zone since
! 173: the serial number in the zone's SOA record was
! 174: .Ar N .
! 175: .Pp
! 176: All resource record types can be expressed as
! 177: .Cm TYPE Ns Ar nn ,
! 178: where
! 179: .Ar nn
! 180: is the number of the type.
! 181: If the resource record type is not supported in BIND 9, the result will be
! 182: displayed as described in RFC 3597.
! 183: .It Fl u
! 184: Print query times in microseconds instead of milliseconds.
! 185: .It Fl v
! 186: Print the version number and exit.
! 187: .It Fl x Ar addr
! 188: Simplified reverse lookups, for mapping addresses to names.
! 189: The
! 190: .Ar addr
! 191: is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6
! 192: address.
! 193: When the
! 194: .Fl x
! 195: is used, there is no need to provide the
! 196: .Ar name ,
! 197: .Ar class
! 198: and
! 199: .Ar type
! 200: arguments.
! 201: .Nm
! 202: automatically performs a lookup for a name like
! 203: .Ql 94.2.0.192.in-addr.arpa
! 204: and sets the query type and class to
! 205: .Cm PTR
! 206: and
! 207: .Cm IN
! 208: respectively.
! 209: IPv6 addresses are looked up using nibble format under the IP6.ARPA domain
! 210: (but see also the
! 211: .Fl i
! 212: option).
! 213: .It Fl y Xo
! 214: .Op Ar hmac : Ns
! 215: .Ar keyname : Ns
! 216: .Ar secret
! 217: .Xc
! 218: Sign queries using TSIG with the given authentication key.
! 219: .Ar keyname
! 220: is the name of the key, and
! 221: .Ar secret
! 222: is the base64 encoded shared secret.
! 223: .Ar hmac
! 224: is the name of the key algorithm;
! 225: valid choices are
! 226: .Ql hmac-md5 ,
! 227: .Ql hmac-sha1 ,
! 228: .Ql hmac-sha224 ,
! 229: .Ql hmac-sha256 ,
! 230: .Ql hmac-sha384 ,
! 231: or
! 232: .Ql hmac-sha512 .
! 233: If
! 234: .Ar hmac
! 235: is not specified, the default is
! 236: .Ql hmac-md5
! 237: or if MD5 was disabled
! 238: .Ql hmac-sha256 .
! 239: .Pp
! 240: NOTE: You should use the
! 241: .Fl k
! 242: option and
! 243: avoid the
! 244: .Fl y
! 245: option, because
! 246: with
! 247: .Fl y
! 248: the shared secret is supplied as a command line argument in clear text.
! 249: This may be visible in the output from
! 250: .Xr ps 1
! 251: or in a history file maintained by the user's shell.
! 252: .El
! 253: .Pp
! 254: The
! 255: .Cm IN
! 256: and
! 257: .Cm CH
! 258: class names overlap with the IN and CH top level domain names.
! 259: Either use the
! 260: .Fl t
! 261: and
! 262: .Fl c
! 263: options to specify the type and class, use the
! 264: .Fl q
! 265: to specify the domain name, or use "IN." and "CH." when looking up these top
! 266: level domains.
! 267: .Sh QUERY OPTIONS
! 268: .Nm
! 269: provides a number of query options which affect the way in which lookups are
! 270: made and the results displayed.
! 271: Some of
! 272: these set or reset flag bits in the query header, some determine which sections
! 273: of the answer get printed, and others determine the timeout and retry
! 274: strategies.
! 275: .Pp
! 276: Each query option is identified by a keyword preceded by a plus sign
! 277: .Pq Cm + .
! 278: Some keywords set or reset an option.
! 279: These may be preceded by the string
! 280: .Cm no
! 281: to negate the meaning of that keyword.
! 282: Other keywords assign values to options like the timeout interval.
! 283: They have the form
! 284: .Cm + Ns Ar keyword Ns = Ns Ar value .
! 285: Keywords may be abbreviated, provided the abbreviation is unambiguous; for
! 286: example,
! 287: .Cm +cd
! 288: is equivalent
! 289: to
! 290: .Cm +cdflag .
! 291: The query options are:
! 292: .Bl -tag -width Ds
! 293: .It Xo
! 294: .Cm + Ns
! 295: .Op Cm no Ns
! 296: .Cm aaflag
! 297: .Xc
! 298: A synonym for
! 299: .Xo
! 300: .Cm + Ns
! 301: .Op Cm no Ns
! 302: .Cm aaonly .
! 303: .Xc
! 304: .It Xo
! 305: .Cm + Ns
! 306: .Op Cm no Ns
! 307: .Cm aaonly
! 308: .Xc
! 309: Set the "aa" flag in the query (off by default).
! 310: .It Xo
! 311: .Cm + Ns
! 312: .Op Cm no Ns
! 313: .Cm additional
! 314: .Xc
! 315: Display the additional section of a reply (on by default).
! 316: .It Xo
! 317: .Cm + Ns
! 318: .Op Cm no Ns
! 319: .Cm adflag
! 320: .Xc
! 321: Set the AD (authentic data) bit in the query (on by default).
! 322: This requests the server to return whether all of the answer and authority
! 323: sections have all been validated as secure according to the security policy of
! 324: the server.
! 325: AD=1 indicates that all records have been validated as secure and the answer is
! 326: not from an OPT-OUT range.
! 327: AD=0 indicates that some part of the answer was insecure or not validated.
! 328: .It Xo
! 329: .Cm + Ns
! 330: .Op Cm no Ns
! 331: .Cm all
! 332: .Xc
! 333: Set or clear all display flags.
! 334: .It Xo
! 335: .Cm + Ns
! 336: .Op Cm no Ns
! 337: .Cm answer
! 338: .Xc
! 339: Display the answer section of a reply (on by default).
! 340: .It Xo
! 341: .Cm + Ns
! 342: .Op Cm no Ns
! 343: .Cm authority
! 344: .Xc
! 345: Display the authority section of a reply (on by default).
! 346: .It Xo
! 347: .Cm + Ns
! 348: .Op Cm no Ns
! 349: .Cm besteffort
! 350: .Xc
! 351: Attempt to display the contents of messages which are malformed (on by
! 352: default).
! 353: .It Cm +bufsize Ns = Ns Ar #
! 354: Set the UDP message buffer size advertised using EDNS0 to
! 355: .Ar #
! 356: bytes.
! 357: The maximum and minimum sizes of this buffer are 65535 and 0 respectively.
! 358: Values outside this range are rounded up or down appropriately.
! 359: Values other than zero will cause an EDNS query to be sent.
! 360: .It Xo
! 361: .Cm + Ns
! 362: .Op Cm no Ns
! 363: .Cm cdflag
! 364: .Xc
! 365: Set the CD (checking disabled) bit in the query (off by default).
! 366: This requests the server to not perform DNSSEC validation of responses.
! 367: .It Xo
! 368: .Cm + Ns
! 369: .Op Cm no Ns
! 370: .Cm class
! 371: .Xc
! 372: Display the CLASS when printing the record (on by default).
! 373: .It Xo
! 374: .Cm + Ns
! 375: .Op Cm no Ns
! 376: .Cm cmd
! 377: .Xc
! 378: Print an initial comment identifying the version of
! 379: .Nm
! 380: and the query options that have been applied (on by default).
! 381: .It Xo
! 382: .Cm + Ns
! 383: .Op Cm no Ns
! 384: .Cm comments
! 385: .Xc
! 386: Display comment lines in the output (on by default).
! 387: .It Xo
! 388: .Cm + Ns
! 389: .Op Cm no Ns
! 390: .Cm cookie Ns
! 391: .Op = Ns Ar value
! 392: .Xc
! 393: Send a COOKIE EDNS option, containing an optional
! 394: .Ar value
! 395: (off by default).
! 396: Replaying a COOKIE from a previous response will allow the server to
! 397: identify a previous client.
! 398: .Pp
! 399: .Cm +cookie
! 400: is automatically set when
! 401: .Cm +trace
! 402: is in use, to better emulate the default queries from a name server.
! 403: .Pp
! 404: This option was formerly called
! 405: .Xo
! 406: .Cm + Ns
! 407: .Op Cm no Ns
! 408: .Cm sit
! 409: .Xc
! 410: (Server Identity Token).
! 411: In BIND 9.10.0 through BIND 9.10.2,
! 412: it sent the experimental option code 65001.
! 413: This was changed to option code 10 in BIND 9.10.3 when the DNS
! 414: COOKIE option was allocated.
! 415: .Pp
! 416: The
! 417: .Xo
! 418: .Cm + Ns
! 419: .Op Cm no Ns
! 420: .Cm sit
! 421: .Xc
! 422: option is now deprecated, but has been retained as a synonym for
! 423: .Xo
! 424: .Cm + Ns
! 425: .Op Cm no Ns
! 426: .Cm cookie
! 427: .Xc
! 428: for backward compatibility within the BIND 9.10 branch.
! 429: .It Xo
! 430: .Cm + Ns
! 431: .Op Cm no Ns
! 432: .Cm crypto
! 433: .Xc
! 434: Display cryptographic fields in DNSSEC records (on by default).
! 435: The contents of these field are unnecessary to debug most DNSSEC validation
! 436: failures and removing them makes it easier to see the common failures.
! 437: When omitted they are replaced by the string "[omitted]" or in the DNSKEY case
! 438: the key id is displayed as the replacement, e.g. "[ key id = value ]".
! 439: .It Xo
! 440: .Cm + Ns
! 441: .Op Cm no Ns
! 442: .Cm defname
! 443: .Xc
! 444: Deprecated, treated as a synonym for
! 445: .Xo
! 446: .Cm + Ns
! 447: .Op Cm no Ns
! 448: .Cm search
! 449: .Xc .
! 450: .It Xo
! 451: .Cm + Ns
! 452: .Op Cm no Ns
! 453: .Cm dnssec
! 454: .Xc
! 455: Request DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT
! 456: record in the additional section of the query (off by default).
! 457: .It Cm +domain Ns = Ns Ar name
! 458: Set the search list to contain the single domain
! 459: .Ar name ,
! 460: as if specified in a
! 461: .Ic domain
! 462: directive in
! 463: .Xr resolv.conf 5 ,
! 464: and enable search list processing as if the
! 465: .Cm +search
! 466: option were given (off by default).
! 467: .It Xo
! 468: .Cm + Ns
! 469: .Op Cm no Ns
! 470: .Cm edns Ns
! 471: .Op = Ns Ar #
! 472: .Xc
! 473: Use EDNS in the query (on by default).
! 474: A version may also be specified, from 0 (the default) to 255.
! 475: .Cm +noedns
! 476: disables EDNS and clears the remembered version.
! 477: .It Cm +ednsflags Ns Op = Ns Ar #
! 478: Set the must-be-zero EDNS flags bits (Z bits)
! 479: to the specified value (0 by default).
! 480: Decimal, hex and octal encodings are accepted.
! 481: Setting a named flag (e.g. DO) will silently be ignored.
! 482: .It Xo
! 483: .Cm + Ns
! 484: .Op Cm no Ns
! 485: .Cm ednsnegotiation
! 486: .Xc
! 487: Enable EDNS version negotiation (off by default).
! 488: .It Xo
! 489: .Cm + Ns
! 490: .Op Cm no Ns
! 491: .Cm ednsopt Ns
! 492: .Op = Ns Ar code Ns Op : Ns Ar value
! 493: .Xc
! 494: Specify EDNS option with code point
! 495: .Ar code
! 496: and optionally payload of
! 497: .Ar value
! 498: as a hexadecimal string.
! 499: .Ar code
! 500: can be
! 501: either an EDNS option name (for example,
! 502: .Cm NSID
! 503: or
! 504: .Cm ECS ) ,
! 505: or an arbitrary numeric value.
! 506: .Cm +noednsopt
! 507: clears the EDNS options to be sent.
! 508: .It Xo
! 509: .Cm + Ns
! 510: .Op Cm no Ns
! 511: .Cm expire
! 512: .Xc
! 513: Send an EDNS Expire option (off by default).
! 514: .It Xo
! 515: .Cm + Ns
! 516: .Op Cm no Ns
! 517: .Cm fail
! 518: .Xc
! 519: Do not try the next server if you receive a SERVFAIL.
! 520: This option is on by default,
! 521: which is the reverse of normal stub resolver behavior.
! 522: .It Xo
! 523: .Cm + Ns
! 524: .Op Cm no Ns
! 525: .Cm identify
! 526: .Xc
! 527: Show the IP address and port number that supplied the answer (off by default).
! 528: This option has no effect unless the
! 529: .Cm +short
! 530: option is enabled.
! 531: .It Xo
! 532: .Cm + Ns
! 533: .Op Cm no Ns
! 534: .Cm idnout
! 535: .Xc
! 536: Convert puny code on output.
! 537: This version of
! 538: .Nm
! 539: does not support IDN.
! 540: .It Xo
! 541: .Cm + Ns
! 542: .Op Cm no Ns
! 543: .Cm ignore
! 544: .Xc
! 545: Ignore truncation in UDP responses.
! 546: This option is off by default, which means truncated responses
! 547: cause retrying with TCP.
! 548: .It Xo
! 549: .Cm + Ns
! 550: .Op Cm no Ns
! 551: .Cm keepopen
! 552: .Xc
! 553: Keep the TCP socket open between queries and reuse it.
! 554: This option is off by default, which means that a new TCP socket
! 555: is created for each lookup.
! 556: .It Xo
! 557: .Cm + Ns
! 558: .Op Cm no Ns
! 559: .Cm multiline
! 560: .Xc
! 561: Print records like the SOA records in a verbose multi-line format with
! 562: human-readable comments.
! 563: This option is off by default, which means that each record is
! 564: printed on a single line to facilitate machine parsing of the
! 565: .Nm
! 566: output.
! 567: .It Cm +ndots Ns = Ns Ar #
! 568: Set the number of dots that have to appear in
! 569: .Ar name
! 570: to
! 571: .Ar #
! 572: for it to be considered absolute.
! 573: The default value is that defined using the ndots statement in
! 574: .Xr resolv.conf 5 ,
! 575: or 1 if no ndots statement is present.
! 576: Names with fewer dots are interpreted as relative names and will be searched
! 577: for in the domains listed in the
! 578: .Cm search
! 579: or
! 580: .Cm domain
! 581: directive in
! 582: .Xr resolv.conf 5
! 583: if
! 584: .Cm +search
! 585: is set.
! 586: .It Xo
! 587: .Cm + Ns
! 588: .Op Cm no Ns
! 589: .Cm nsid
! 590: .Xc
! 591: Include an EDNS name server ID request when sending a query (off by default).
! 592: .It Xo
! 593: .Cm + Ns
! 594: .Op Cm no Ns
! 595: .Cm nssearch
! 596: .Xc
! 597: Attempt to find the authoritative name servers for the zone
! 598: containing the name being looked up and display the SOA record
! 599: that each name server has for the zone (off by default).
! 600: .It Xo
! 601: .Cm + Ns
! 602: .Op Cm no Ns
! 603: .Cm onesoa
! 604: .Xc
! 605: Print only one (starting) SOA record when performing an
! 606: .Cm AXFR .
! 607: This option is off by default, which means that both the starting
! 608: and the ending SOA records are printed.
! 609: .It Xo
! 610: .Cm + Ns
! 611: .Op Cm no Ns
! 612: .Cm opcode Ns = Ns
! 613: .Ar #
! 614: .Xc
! 615: Set or restore the DNS message opcode to the specified value,
! 616: which can be
! 617: .Cm QUERY Pq the default ,
! 618: .Cm IQUERY ,
! 619: .Cm STATUS ,
! 620: .Cm NOTIFY ,
! 621: .Cm UPDATE ,
! 622: or an integer number in the range from 0 to 15.
! 623: .It Xo
! 624: .Cm + Ns
! 625: .Op Cm no Ns
! 626: .Cm qr
! 627: .Xc
! 628: Print the query as it is sent (off by default).
! 629: .It Xo
! 630: .Cm + Ns
! 631: .Op Cm no Ns
! 632: .Cm question
! 633: .Xc
! 634: Print the question section of a query as a comment when an answer
! 635: is returned (on by default).
! 636: .It Xo
! 637: .Cm + Ns
! 638: .Op Cm no Ns
! 639: .Cm rdflag
! 640: .Xc
! 641: A synonym for
! 642: .Xo
! 643: .Cm + Ns
! 644: .Op Cm no Ns
! 645: .Cm recurse
! 646: .Xc .
! 647: .It Xo
! 648: .Cm + Ns
! 649: .Op Cm no Ns
! 650: .Cm recurse
! 651: .Xc
! 652: Set the RD (recursion desired) bit in the query (on by default).
! 653: Recursion is automatically disabled when the
! 654: .Cm +nssearch
! 655: or
! 656: .Cm +trace
! 657: query options are used.
! 658: .It Cm +retry Ns = Ns Ar #
! 659: Set the number of times to retry UDP queries to server to
! 660: .Ar # .
! 661: The default is 2.
! 662: Unlike
! 663: .Cm +tries ,
! 664: this does not include the initial query.
! 665: .It Xo
! 666: .Cm + Ns
! 667: .Op Cm no Ns
! 668: .Cm rrcomments
! 669: .Xc
! 670: Display per-record comments in the output (for example,
! 671: human-readable key information about DNSKEY records).
! 672: The default is
! 673: .Cm +rrcomments
! 674: if
! 675: .Cm +multiline
! 676: mode is active or
! 677: .Cm +norrcomments
! 678: otherwise.
! 679: .It Xo
! 680: .Cm + Ns
! 681: .Op Cm no Ns
! 682: .Cm search
! 683: .Xc
! 684: Use the search list defined by the searchlist or domain directive in
! 685: .Xr resolv.conf 5 ,
! 686: if any (off by default).
! 687: \&'ndots' from
! 688: .Xr resolv.conf 5
! 689: (default 1), which may be overridden by
! 690: .Cm +ndots ,
! 691: determines if the name will be treated as relative or not and hence whether a
! 692: search is eventually performed or not.
! 693: .It Xo
! 694: .Cm + Ns
! 695: .Op Cm no Ns
! 696: .Cm short
! 697: .Xc
! 698: Provide a terse answer (off by default).
! 699: .It Xo
! 700: .Cm + Ns
! 701: .Op Cm no Ns
! 702: .Cm showsearch
! 703: .Xc
! 704: Perform a search showing intermediate results (off by default).
! 705: .It Xo
! 706: .Cm + Ns
! 707: .Op Cm no Ns
! 708: .Cm split Ns = Ns Ar #
! 709: .Xc
! 710: Split long hex- or base64-formatted fields in resource records into chunks of
! 711: .Ar #
! 712: characters (where
! 713: .Ar #
! 714: is rounded up to the nearest multiple of 4).
! 715: .Cm +nosplit
! 716: or
! 717: .Cm +split Ns =0
! 718: causes fields not to be split at all.
! 719: The default is 56 characters, or 44 characters when
! 720: .Cm +multiline
! 721: mode is active.
! 722: .It Xo
! 723: .Cm + Ns
! 724: .Op Cm no Ns
! 725: .Cm stats
! 726: .Xc
! 727: Print statistics:
! 728: when the query was made, the size of the reply and so on (on by default).
! 729: .It Xo
! 730: .Cm + Ns
! 731: .Op Cm no Ns
! 732: .Cm subnet Ns = Ns
! 733: .Ar addr Ns
! 734: .Op / Ns Ar prefix
! 735: .Xc
! 736: Send an EDNS Client Subnet option with the specified IP address or
! 737: network prefix (off by default).
! 738: .Pp
! 739: .Nm
! 740: .Cm +subnet Ns =0.0.0.0/0,
! 741: or simply
! 742: .Nm
! 743: .Cm +subnet Ns =0
! 744: for short, sends an EDNS CLIENT-SUBNET option with an empty address and a
! 745: source prefix-length of zero, which signals a resolver that the client's address
! 746: information must
! 747: .Em not
! 748: be used when resolving this query.
! 749: .It Xo
! 750: .Cm + Ns
! 751: .Op Cm no Ns
! 752: .Cm tcp
! 753: .Xc
! 754: Use TCP when querying name servers (off by default).
! 755: .Cm IXFR Ns = Ns Ar N
! 756: queries use TCP unless it is explicitly disabled with
! 757: .Cm +notcp .
! 758: .Cm AXFR
! 759: queries always use TCP.
! 760: .It Cm +timeout Ns = Ns Ar #
! 761: Set the timeout for a query to
! 762: .Ar #
! 763: seconds.
! 764: The default is 5 seconds for UDP and 10 seconds for TCP.
! 765: An attempt to set
! 766: .Ar #
! 767: to less than 1 will result in a query timeout of 1 second being applied.
! 768: .It Xo
! 769: .Cm + Ns
! 770: .Op Cm no Ns
! 771: .Cm trace
! 772: .Xc
! 773: Trace the delegation path from the root name servers for the name
! 774: being looked up (off by default).
! 775: .Pp
! 776: When tracing is enabled,
! 777: .Nm
! 778: makes iterative queries to resolve the name being looked up.
! 779: It will follow referrals from the root servers, showing the answer from each
! 780: server that was used to resolve the lookup.
! 781: .Pp
! 782: If @server is also specified, it affects only the initial query for the root
! 783: zone name servers.
! 784: .Pp
! 785: .Cm +dnssec
! 786: is also set when
! 787: .Cm +trace
! 788: is set to better emulate the default queries from a name server.
! 789: .It Cm +tries Ns = Ns Ar #
! 790: Set the number of times to try UDP queries to server to
! 791: .Ar # .
! 792: The default is 3.
! 793: If
! 794: .Ar #
! 795: is less than or equal to zero, the number of tries is silently rounded up to 1.
! 796: .It Xo
! 797: .Cm + Ns
! 798: .Op Cm no Ns
! 799: .Cm ttlid
! 800: .Xc
! 801: Display the TTL when printing the record (on by default).
! 802: .It Xo
! 803: .Cm + Ns
! 804: .Op Cm no Ns
! 805: .Cm vc
! 806: .Xc
! 807: Use TCP when querying name servers.
! 808: This alternate syntax to
! 809: .Xo
! 810: .Cm + Ns
! 811: .Op Cm no Ns
! 812: .Cm tcp
! 813: .Xc
! 814: is provided for backwards compatibility.
! 815: The "vc" stands for "virtual circuit".
! 816: .El
! 817: .Sh MULTIPLE QUERIES
! 818: The BIND 9 implementation of
! 819: .Nm
! 820: supports specifying multiple queries on the command line (in addition to
! 821: supporting the
! 822: .Fl f
! 823: batch file option).
! 824: Each of those queries can be supplied with its own set of flags, options and
! 825: query options.
! 826: .Pp
! 827: In this case, each
! 828: .Ar query
! 829: argument represent an individual query in the command-line syntax described
! 830: above.
! 831: Each consists of any of the standard options and flags, the name to be looked
! 832: up, an optional query type and class and any query options that should be
! 833: applied to that query.
! 834: .Pp
! 835: A global set of query options, which should be applied to all queries, can
! 836: also be supplied.
! 837: These global query options must precede the first tuple of name, class, type,
! 838: options, flags, and query options supplied on the command line.
! 839: Any global query options (except the
! 840: .Xo
! 841: .Cm + Ns
! 842: .Op Cm no Ns
! 843: .Cm cmd
! 844: .Xc
! 845: option) can be overridden by a query-specific set of query options.
! 846: For example:
! 847: .Bd -literal -offset indent
! 848: dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
! 849: .Ed
! 850: .Pp
! 851: shows how
! 852: .Nm
! 853: could be used from the command line to make three lookups: an ANY query for
! 854: www.isc.org, a reverse lookup of 127.0.0.1 and a query for the NS records of
! 855: isc.org.
! 856: A global query option of
! 857: .Cm +qr
! 858: is applied, so that
! 859: .Nm
! 860: shows the initial query it made for each lookup.
! 861: The final query has a local query option of
! 862: .Cm +noqr
! 863: which means that
! 864: .Nm
! 865: will not print the initial query when it looks up the NS records for
! 866: isc.org.
! 867: .Sh FILES
! 868: .Bl -tag -width Ds
! 869: .It Pa /etc/resolv.conf
! 870: Resolver configuration file.
! 871: .It Pa ${HOME}/.digrc
! 872: User defaults for
! 873: .Nm .
! 874: This file is read and any options in it are applied before the command line
! 875: arguments.
! 876: .El
! 877: .Sh SEE ALSO
! 878: .Xr host 1 ,
! 879: .Xr resolv.conf 5
! 880: .Sh STANDARDS
! 881: .Rs
! 882: .%A P. Mockapetris
! 883: .%D November 1987
! 884: .%R RFC 1035
! 885: .%T Domain Names - Implementation and Specification
! 886: .Re
! 887: .Sh AUTHORS
! 888: .An -nosplit
! 889: .An Internet Systems Consortium, Inc .
! 890: .Sh BUGS
! 891: There are probably too many query options.