Annotation of src/usr.bin/dig/dig.1, Revision 1.4
1.4 ! florian 1: .\" $OpenBSD: dig.1,v 1.3 2020/02/12 14:46:36 schwarze Exp $
1.1 florian 2: .\"
3: .\" Copyright (C) 2000-2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
4: .\"
5: .\" Permission to use, copy, modify, and/or distribute this software for any
6: .\" purpose with or without fee is hereby granted, provided that the above
7: .\" copyright notice and this permission notice appear in all copies.
8: .\"
9: .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10: .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11: .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12: .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13: .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14: .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15: .\" PERFORMANCE OF THIS SOFTWARE.
16: .\"
1.4 ! florian 17: .Dd $Mdocdate: February 12 2020 $
1.1 florian 18: .Dt DIG 1
19: .Os
20: .Sh NAME
21: .Nm dig
22: .Nd DNS lookup utility
23: .Sh SYNOPSIS
24: .Nm
25: .Op Pf @ Ar server
26: .Op Fl 46hiuv
1.3 schwarze 27: .Op Fl b Ar sourceaddr Ns Op Pf # Ar port
1.1 florian 28: .Op Fl c Ar class
29: .Op Fl f Ar file
30: .Op Fl k Ar keyfile
31: .Op Fl p Ar port
32: .Op Fl q Ar name
33: .Op Fl t Ar type
34: .Op Fl x Ar addr
35: .Op Fl y Oo Ar hmac : Oc Ns Ar name : Ns Ar key
36: .Op Ar name
37: .Op Ar type
38: .Op Ar class
39: .Op Pf + Ar queryopt ...
40: .Sh DESCRIPTION
41: The
42: .Nm
43: command is a flexible tool for interrogating DNS name servers.
44: It performs DNS lookups and displays the answers that are returned from the name
45: servers that were queried.
46: Although
47: .Nm
48: is normally used with command line arguments, it also has a batch mode of
49: operation for reading lookup requests from a file.
50: When no command line arguments or options are given,
51: .Nm
52: will perform an NS query for '.' (the root).
53: .Pp
54: A typical invocation of
55: .Nm
56: looks like:
57: .Pp
58: .Dl dig @server [options] name type [class] [+queryopt]
59: .Bl -tag -width +queryopt
60: .It Pf @ Ar server
61: The name or IP address of the name server to query.
62: When the argument is a hostname,
63: .Nm
64: resolves that name before querying that name server.
65: If no
66: .Ar server
67: argument is provided,
68: .Nm
69: will try each of the servers listed in
70: .Xr resolv.conf 5 .
71: If no usable addresses are found,
72: .Nm
73: will send the query to the local host.
74: The reply from the name server that responds is displayed.
75: .It Ar name
76: The name of the resource record that is to be looked up.
77: .It Ar type
78: The type of query, as documented for
79: .Fl t .
80: The default is
81: .Cm A .
82: .It Ar class
83: The query class, as documented for
84: .Fl c .
85: The default is
86: .Cm IN .
87: .It Pf + Ar queryopt
88: One or more query options,
89: as documented in
90: .Sx QUERY OPTIONS ,
91: below.
92: .El
93: .Pp
94: The options are as follows:
95: .Bl -tag -width Ds
96: .It Fl 4
97: Use IPv4 only.
98: .It Fl 6
99: Use IPv6 only.
1.3 schwarze 100: .It Fl b Ar sourceaddr Ns Op Pf # Ar port
101: Set the source IP address of the query, which is useful on machines
102: with multiple interfaces.
1.1 florian 103: The
1.3 schwarze 104: .Ar sourceaddr
1.1 florian 105: must be a valid address on one of the host's network interfaces, or
106: "0.0.0.0" or "::". An optional port may be specified by appending
107: "#<port>".
108: .It Fl c Ar class
109: Set the query class.
110: The default is
111: .Cm IN ;
112: other classes are
113: .Cm HS
114: for Hesiod records and
115: .Cm CH
116: for Chaosnet records.
117: .It Fl f Ar file
118: Batch mode:
119: .Nm
120: reads a list of lookup requests to process from the given
121: .Ar file .
122: Each line in the file should be organized in the same way they would be
123: presented as queries to
124: .Nm
125: using the command-line interface.
126: .It Fl h
127: Display a brief summary of command line arguments and options.
128: .It Fl i
129: Do reverse IPv6 lookups using the obsolete RFC 1886 IP6.INT domain, which is no
130: longer in use.
131: Obsolete bit string label queries (RFC 2874) are not attempted.
132: .It Fl k Ar keyfile
1.4 ! florian 133: Sign queries using TSIG.
! 134: The format of the
! 135: .Ar keyfile
! 136: is as follows:
! 137: .Bd -literal -offset indent
! 138: key "keyname" {
! 139: algorithm hmac;
! 140: secret "base64-secret";
! 141: };
! 142: .Ed
! 143: .Pp
! 144: .Ar keyname
! 145: is the name of the key, and
! 146: .Ar base64-secret
! 147: is the base64-encoded shared secret.
! 148: .Ar hmac
! 149: is the name of the key algorithm;
! 150: valid choices are
! 151: .Cm hmac-sha1 ,
! 152: .Cm hmac-sha224 ,
! 153: .Cm hmac-sha256 ,
! 154: .Cm hmac-sha384 ,
1.1 florian 155: and
1.4 ! florian 156: .Cm hmac-sha512 .
1.1 florian 157: .It Fl p Ar port
158: Send the query to a non-standard port on the server, instead of the defaut port
159: 53.
160: This option would be used to test a name server that has been configured to
161: listen for queries on a non-standard port number.
162: .It Fl q Ar name
163: The domain name to query.
164: This is useful to distinguish the
165: .Ar name
166: from other arguments.
167: .It Fl t Ar type
168: The resource record type to query.
169: It can be any valid query type.
170: If it is a resource record type supported in BIND 9, it can be given by the
171: type mnemonic (such as
172: .Cm NS
173: or
174: .Cm AAAA ) .
175: The default query type is
176: .Cm A ,
177: unless the
178: .Fl x
179: option is supplied to indicate a reverse lookup.
180: A zone transfer can be requested by specifying a type of
181: .Cm AXFR .
182: When an incremental zone transfer is required, set the
183: .Ar type
184: to
185: .Cm IXFR Ns = Ns Ar N .
186: The incremental zone transfer will contain the changes made to the zone since
187: the serial number in the zone's SOA record was
188: .Ar N .
189: .Pp
190: All resource record types can be expressed as
191: .Cm TYPE Ns Ar nn ,
192: where
193: .Ar nn
194: is the number of the type.
195: If the resource record type is not supported in BIND 9, the result will be
196: displayed as described in RFC 3597.
197: .It Fl u
198: Print query times in microseconds instead of milliseconds.
199: .It Fl v
200: Print the version number and exit.
201: .It Fl x Ar addr
202: Simplified reverse lookups, for mapping addresses to names.
203: The
204: .Ar addr
205: is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6
206: address.
207: When the
208: .Fl x
209: is used, there is no need to provide the
210: .Ar name ,
211: .Ar class
212: and
213: .Ar type
214: arguments.
215: .Nm
216: automatically performs a lookup for a name like
217: .Ql 94.2.0.192.in-addr.arpa
218: and sets the query type and class to
219: .Cm PTR
220: and
221: .Cm IN
222: respectively.
223: IPv6 addresses are looked up using nibble format under the IP6.ARPA domain
224: (but see also the
225: .Fl i
226: option).
227: .It Fl y Xo
228: .Op Ar hmac : Ns
229: .Ar keyname : Ns
230: .Ar secret
231: .Xc
232: Sign queries using TSIG with the given authentication key.
233: .Ar keyname
234: is the name of the key, and
235: .Ar secret
236: is the base64 encoded shared secret.
237: .Ar hmac
238: is the name of the key algorithm;
239: valid choices are
1.4 ! florian 240: .Cm hmac-sha1 ,
! 241: .Cm hmac-sha224 ,
! 242: .Cm hmac-sha256 ,
! 243: .Cm hmac-sha384 ,
! 244: and
! 245: .Cm hmac-sha512 .
1.1 florian 246: If
247: .Ar hmac
248: is not specified, the default is
1.4 ! florian 249: .Cm hmac-sha256 .
1.1 florian 250: .Pp
251: NOTE: You should use the
252: .Fl k
253: option and
254: avoid the
255: .Fl y
256: option, because
257: with
258: .Fl y
259: the shared secret is supplied as a command line argument in clear text.
260: This may be visible in the output from
261: .Xr ps 1
262: or in a history file maintained by the user's shell.
263: .El
264: .Pp
265: The
266: .Cm IN
267: and
268: .Cm CH
269: class names overlap with the IN and CH top level domain names.
270: Either use the
271: .Fl t
272: and
273: .Fl c
274: options to specify the type and class, use the
275: .Fl q
276: to specify the domain name, or use "IN." and "CH." when looking up these top
277: level domains.
278: .Sh QUERY OPTIONS
279: .Nm
280: provides a number of query options which affect the way in which lookups are
281: made and the results displayed.
282: Some of
283: these set or reset flag bits in the query header, some determine which sections
284: of the answer get printed, and others determine the timeout and retry
285: strategies.
286: .Pp
287: Each query option is identified by a keyword preceded by a plus sign
288: .Pq Cm + .
289: Some keywords set or reset an option.
290: These may be preceded by the string
291: .Cm no
292: to negate the meaning of that keyword.
293: Other keywords assign values to options like the timeout interval.
294: They have the form
295: .Cm + Ns Ar keyword Ns = Ns Ar value .
296: Keywords may be abbreviated, provided the abbreviation is unambiguous; for
297: example,
298: .Cm +cd
299: is equivalent
300: to
301: .Cm +cdflag .
302: The query options are:
303: .Bl -tag -width Ds
304: .It Xo
305: .Cm + Ns
306: .Op Cm no Ns
307: .Cm aaflag
308: .Xc
309: A synonym for
310: .Xo
311: .Cm + Ns
312: .Op Cm no Ns
313: .Cm aaonly .
314: .Xc
315: .It Xo
316: .Cm + Ns
317: .Op Cm no Ns
318: .Cm aaonly
319: .Xc
320: Set the "aa" flag in the query (off by default).
321: .It Xo
322: .Cm + Ns
323: .Op Cm no Ns
324: .Cm additional
325: .Xc
326: Display the additional section of a reply (on by default).
327: .It Xo
328: .Cm + Ns
329: .Op Cm no Ns
330: .Cm adflag
331: .Xc
332: Set the AD (authentic data) bit in the query (on by default).
333: This requests the server to return whether all of the answer and authority
334: sections have all been validated as secure according to the security policy of
335: the server.
336: AD=1 indicates that all records have been validated as secure and the answer is
337: not from an OPT-OUT range.
338: AD=0 indicates that some part of the answer was insecure or not validated.
339: .It Xo
340: .Cm + Ns
341: .Op Cm no Ns
342: .Cm all
343: .Xc
344: Set or clear all display flags.
345: .It Xo
346: .Cm + Ns
347: .Op Cm no Ns
348: .Cm answer
349: .Xc
350: Display the answer section of a reply (on by default).
351: .It Xo
352: .Cm + Ns
353: .Op Cm no Ns
354: .Cm authority
355: .Xc
356: Display the authority section of a reply (on by default).
357: .It Xo
358: .Cm + Ns
359: .Op Cm no Ns
360: .Cm besteffort
361: .Xc
362: Attempt to display the contents of messages which are malformed (on by
363: default).
364: .It Cm +bufsize Ns = Ns Ar #
365: Set the UDP message buffer size advertised using EDNS0 to
366: .Ar #
367: bytes.
368: The maximum and minimum sizes of this buffer are 65535 and 0 respectively.
369: Values outside this range are rounded up or down appropriately.
370: Values other than zero will cause an EDNS query to be sent.
371: .It Xo
372: .Cm + Ns
373: .Op Cm no Ns
374: .Cm cdflag
375: .Xc
376: Set the CD (checking disabled) bit in the query (off by default).
377: This requests the server to not perform DNSSEC validation of responses.
378: .It Xo
379: .Cm + Ns
380: .Op Cm no Ns
381: .Cm class
382: .Xc
383: Display the CLASS when printing the record (on by default).
384: .It Xo
385: .Cm + Ns
386: .Op Cm no Ns
387: .Cm cmd
388: .Xc
389: Print an initial comment identifying the version of
390: .Nm
391: and the query options that have been applied (on by default).
392: .It Xo
393: .Cm + Ns
394: .Op Cm no Ns
395: .Cm comments
396: .Xc
397: Display comment lines in the output (on by default).
398: .It Xo
399: .Cm + Ns
400: .Op Cm no Ns
401: .Cm cookie Ns
402: .Op = Ns Ar value
403: .Xc
404: Send a COOKIE EDNS option, containing an optional
405: .Ar value
406: (off by default).
407: Replaying a COOKIE from a previous response will allow the server to
408: identify a previous client.
409: .Pp
410: .Cm +cookie
411: is automatically set when
412: .Cm +trace
413: is in use, to better emulate the default queries from a name server.
414: .Pp
415: This option was formerly called
416: .Xo
417: .Cm + Ns
418: .Op Cm no Ns
419: .Cm sit
420: .Xc
421: (Server Identity Token).
422: In BIND 9.10.0 through BIND 9.10.2,
423: it sent the experimental option code 65001.
424: This was changed to option code 10 in BIND 9.10.3 when the DNS
425: COOKIE option was allocated.
426: .Pp
427: The
428: .Xo
429: .Cm + Ns
430: .Op Cm no Ns
431: .Cm sit
432: .Xc
433: option is now deprecated, but has been retained as a synonym for
434: .Xo
435: .Cm + Ns
436: .Op Cm no Ns
437: .Cm cookie
438: .Xc
439: for backward compatibility within the BIND 9.10 branch.
440: .It Xo
441: .Cm + Ns
442: .Op Cm no Ns
443: .Cm crypto
444: .Xc
445: Display cryptographic fields in DNSSEC records (on by default).
446: The contents of these field are unnecessary to debug most DNSSEC validation
447: failures and removing them makes it easier to see the common failures.
448: When omitted they are replaced by the string "[omitted]" or in the DNSKEY case
449: the key id is displayed as the replacement, e.g. "[ key id = value ]".
450: .It Xo
451: .Cm + Ns
452: .Op Cm no Ns
453: .Cm defname
454: .Xc
455: Deprecated, treated as a synonym for
456: .Xo
457: .Cm + Ns
458: .Op Cm no Ns
459: .Cm search
460: .Xc .
461: .It Xo
462: .Cm + Ns
463: .Op Cm no Ns
464: .Cm dnssec
465: .Xc
466: Request DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT
467: record in the additional section of the query (off by default).
468: .It Cm +domain Ns = Ns Ar name
469: Set the search list to contain the single domain
470: .Ar name ,
471: as if specified in a
472: .Ic domain
473: directive in
474: .Xr resolv.conf 5 ,
475: and enable search list processing as if the
476: .Cm +search
477: option were given (off by default).
478: .It Xo
479: .Cm + Ns
480: .Op Cm no Ns
481: .Cm edns Ns
482: .Op = Ns Ar #
483: .Xc
484: Use EDNS in the query (on by default).
485: A version may also be specified, from 0 (the default) to 255.
486: .Cm +noedns
487: disables EDNS and clears the remembered version.
488: .It Cm +ednsflags Ns Op = Ns Ar #
489: Set the must-be-zero EDNS flags bits (Z bits)
490: to the specified value (0 by default).
491: Decimal, hex and octal encodings are accepted.
492: Setting a named flag (e.g. DO) will silently be ignored.
493: .It Xo
494: .Cm + Ns
495: .Op Cm no Ns
496: .Cm ednsnegotiation
497: .Xc
498: Enable EDNS version negotiation (off by default).
499: .It Xo
500: .Cm + Ns
501: .Op Cm no Ns
502: .Cm ednsopt Ns
503: .Op = Ns Ar code Ns Op : Ns Ar value
504: .Xc
505: Specify EDNS option with code point
506: .Ar code
507: and optionally payload of
508: .Ar value
509: as a hexadecimal string.
510: .Ar code
511: can be
512: either an EDNS option name (for example,
513: .Cm NSID
514: or
515: .Cm ECS ) ,
516: or an arbitrary numeric value.
517: .Cm +noednsopt
518: clears the EDNS options to be sent.
519: .It Xo
520: .Cm + Ns
521: .Op Cm no Ns
522: .Cm expire
523: .Xc
524: Send an EDNS Expire option (off by default).
525: .It Xo
526: .Cm + Ns
527: .Op Cm no Ns
528: .Cm fail
529: .Xc
530: Do not try the next server if you receive a SERVFAIL.
531: This option is on by default,
532: which is the reverse of normal stub resolver behavior.
533: .It Xo
534: .Cm + Ns
535: .Op Cm no Ns
536: .Cm identify
537: .Xc
538: Show the IP address and port number that supplied the answer (off by default).
539: This option has no effect unless the
540: .Cm +short
541: option is enabled.
542: .It Xo
543: .Cm + Ns
544: .Op Cm no Ns
545: .Cm idnout
546: .Xc
547: Convert puny code on output.
548: This version of
549: .Nm
550: does not support IDN.
551: .It Xo
552: .Cm + Ns
553: .Op Cm no Ns
554: .Cm ignore
555: .Xc
556: Ignore truncation in UDP responses.
557: This option is off by default, which means truncated responses
558: cause retrying with TCP.
559: .It Xo
560: .Cm + Ns
561: .Op Cm no Ns
562: .Cm keepopen
563: .Xc
564: Keep the TCP socket open between queries and reuse it.
565: This option is off by default, which means that a new TCP socket
566: is created for each lookup.
567: .It Xo
568: .Cm + Ns
569: .Op Cm no Ns
570: .Cm multiline
571: .Xc
572: Print records like the SOA records in a verbose multi-line format with
573: human-readable comments.
574: This option is off by default, which means that each record is
575: printed on a single line to facilitate machine parsing of the
576: .Nm
577: output.
578: .It Cm +ndots Ns = Ns Ar #
579: Set the number of dots that have to appear in
580: .Ar name
581: to
582: .Ar #
583: for it to be considered absolute.
584: The default value is that defined using the ndots statement in
585: .Xr resolv.conf 5 ,
586: or 1 if no ndots statement is present.
587: Names with fewer dots are interpreted as relative names and will be searched
588: for in the domains listed in the
589: .Cm search
590: or
591: .Cm domain
592: directive in
593: .Xr resolv.conf 5
594: if
595: .Cm +search
596: is set.
597: .It Xo
598: .Cm + Ns
599: .Op Cm no Ns
600: .Cm nsid
601: .Xc
602: Include an EDNS name server ID request when sending a query (off by default).
603: .It Xo
604: .Cm + Ns
605: .Op Cm no Ns
606: .Cm nssearch
607: .Xc
608: Attempt to find the authoritative name servers for the zone
609: containing the name being looked up and display the SOA record
610: that each name server has for the zone (off by default).
611: .It Xo
612: .Cm + Ns
613: .Op Cm no Ns
614: .Cm onesoa
615: .Xc
616: Print only one (starting) SOA record when performing an
617: .Cm AXFR .
618: This option is off by default, which means that both the starting
619: and the ending SOA records are printed.
620: .It Xo
621: .Cm + Ns
622: .Op Cm no Ns
623: .Cm opcode Ns = Ns
624: .Ar #
625: .Xc
626: Set or restore the DNS message opcode to the specified value,
627: which can be
628: .Cm QUERY Pq the default ,
629: .Cm IQUERY ,
630: .Cm STATUS ,
631: .Cm NOTIFY ,
632: .Cm UPDATE ,
633: or an integer number in the range from 0 to 15.
634: .It Xo
635: .Cm + Ns
636: .Op Cm no Ns
637: .Cm qr
638: .Xc
639: Print the query as it is sent (off by default).
640: .It Xo
641: .Cm + Ns
642: .Op Cm no Ns
643: .Cm question
644: .Xc
645: Print the question section of a query as a comment when an answer
646: is returned (on by default).
647: .It Xo
648: .Cm + Ns
649: .Op Cm no Ns
650: .Cm rdflag
651: .Xc
652: A synonym for
653: .Xo
654: .Cm + Ns
655: .Op Cm no Ns
656: .Cm recurse
657: .Xc .
658: .It Xo
659: .Cm + Ns
660: .Op Cm no Ns
661: .Cm recurse
662: .Xc
663: Set the RD (recursion desired) bit in the query (on by default).
664: Recursion is automatically disabled when the
665: .Cm +nssearch
666: or
667: .Cm +trace
668: query options are used.
669: .It Cm +retry Ns = Ns Ar #
670: Set the number of times to retry UDP queries to server to
671: .Ar # .
672: The default is 2.
673: Unlike
674: .Cm +tries ,
675: this does not include the initial query.
676: .It Xo
677: .Cm + Ns
678: .Op Cm no Ns
679: .Cm rrcomments
680: .Xc
681: Display per-record comments in the output (for example,
682: human-readable key information about DNSKEY records).
683: The default is
684: .Cm +rrcomments
685: if
686: .Cm +multiline
687: mode is active or
688: .Cm +norrcomments
689: otherwise.
690: .It Xo
691: .Cm + Ns
692: .Op Cm no Ns
693: .Cm search
694: .Xc
695: Use the search list defined by the searchlist or domain directive in
696: .Xr resolv.conf 5 ,
697: if any (off by default).
698: \&'ndots' from
699: .Xr resolv.conf 5
700: (default 1), which may be overridden by
701: .Cm +ndots ,
702: determines if the name will be treated as relative or not and hence whether a
703: search is eventually performed or not.
704: .It Xo
705: .Cm + Ns
706: .Op Cm no Ns
707: .Cm short
708: .Xc
709: Provide a terse answer (off by default).
710: .It Xo
711: .Cm + Ns
712: .Op Cm no Ns
713: .Cm showsearch
714: .Xc
715: Perform a search showing intermediate results (off by default).
716: .It Xo
717: .Cm + Ns
718: .Op Cm no Ns
719: .Cm split Ns = Ns Ar #
720: .Xc
721: Split long hex- or base64-formatted fields in resource records into chunks of
722: .Ar #
723: characters (where
724: .Ar #
725: is rounded up to the nearest multiple of 4).
726: .Cm +nosplit
727: or
728: .Cm +split Ns =0
729: causes fields not to be split at all.
730: The default is 56 characters, or 44 characters when
731: .Cm +multiline
732: mode is active.
733: .It Xo
734: .Cm + Ns
735: .Op Cm no Ns
736: .Cm stats
737: .Xc
738: Print statistics:
739: when the query was made, the size of the reply and so on (on by default).
740: .It Xo
741: .Cm + Ns
742: .Op Cm no Ns
743: .Cm subnet Ns = Ns
744: .Ar addr Ns
745: .Op / Ns Ar prefix
746: .Xc
747: Send an EDNS Client Subnet option with the specified IP address or
748: network prefix (off by default).
749: .Pp
750: .Nm
751: .Cm +subnet Ns =0.0.0.0/0,
752: or simply
753: .Nm
754: .Cm +subnet Ns =0
755: for short, sends an EDNS CLIENT-SUBNET option with an empty address and a
756: source prefix-length of zero, which signals a resolver that the client's address
757: information must
758: .Em not
759: be used when resolving this query.
760: .It Xo
761: .Cm + Ns
762: .Op Cm no Ns
763: .Cm tcp
764: .Xc
765: Use TCP when querying name servers (off by default).
766: .Cm IXFR Ns = Ns Ar N
767: queries use TCP unless it is explicitly disabled with
768: .Cm +notcp .
769: .Cm AXFR
770: queries always use TCP.
771: .It Cm +timeout Ns = Ns Ar #
772: Set the timeout for a query to
773: .Ar #
774: seconds.
775: The default is 5 seconds for UDP and 10 seconds for TCP.
776: An attempt to set
777: .Ar #
778: to less than 1 will result in a query timeout of 1 second being applied.
779: .It Xo
780: .Cm + Ns
781: .Op Cm no Ns
782: .Cm trace
783: .Xc
784: Trace the delegation path from the root name servers for the name
785: being looked up (off by default).
786: .Pp
787: When tracing is enabled,
788: .Nm
789: makes iterative queries to resolve the name being looked up.
790: It will follow referrals from the root servers, showing the answer from each
791: server that was used to resolve the lookup.
792: .Pp
793: If @server is also specified, it affects only the initial query for the root
794: zone name servers.
795: .Pp
796: .Cm +dnssec
797: is also set when
798: .Cm +trace
799: is set to better emulate the default queries from a name server.
800: .It Cm +tries Ns = Ns Ar #
801: Set the number of times to try UDP queries to server to
802: .Ar # .
803: The default is 3.
804: If
805: .Ar #
806: is less than or equal to zero, the number of tries is silently rounded up to 1.
807: .It Xo
808: .Cm + Ns
809: .Op Cm no Ns
810: .Cm ttlid
811: .Xc
812: Display the TTL when printing the record (on by default).
813: .It Xo
814: .Cm + Ns
815: .Op Cm no Ns
816: .Cm vc
817: .Xc
818: Use TCP when querying name servers.
819: This alternate syntax to
820: .Xo
821: .Cm + Ns
822: .Op Cm no Ns
823: .Cm tcp
824: .Xc
825: is provided for backwards compatibility.
826: The "vc" stands for "virtual circuit".
827: .El
828: .Sh MULTIPLE QUERIES
829: The BIND 9 implementation of
830: .Nm
831: supports specifying multiple queries on the command line (in addition to
832: supporting the
833: .Fl f
834: batch file option).
835: Each of those queries can be supplied with its own set of flags, options and
836: query options.
837: .Pp
838: In this case, each
839: .Ar query
840: argument represent an individual query in the command-line syntax described
841: above.
842: Each consists of any of the standard options and flags, the name to be looked
843: up, an optional query type and class and any query options that should be
844: applied to that query.
845: .Pp
846: A global set of query options, which should be applied to all queries, can
847: also be supplied.
848: These global query options must precede the first tuple of name, class, type,
849: options, flags, and query options supplied on the command line.
850: Any global query options (except the
851: .Xo
852: .Cm + Ns
853: .Op Cm no Ns
854: .Cm cmd
855: .Xc
856: option) can be overridden by a query-specific set of query options.
857: For example:
858: .Bd -literal -offset indent
859: dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
860: .Ed
861: .Pp
862: shows how
863: .Nm
864: could be used from the command line to make three lookups: an ANY query for
865: www.isc.org, a reverse lookup of 127.0.0.1 and a query for the NS records of
866: isc.org.
867: A global query option of
868: .Cm +qr
869: is applied, so that
870: .Nm
871: shows the initial query it made for each lookup.
872: The final query has a local query option of
873: .Cm +noqr
874: which means that
875: .Nm
876: will not print the initial query when it looks up the NS records for
877: isc.org.
878: .Sh FILES
879: .Bl -tag -width Ds
880: .It Pa /etc/resolv.conf
881: Resolver configuration file.
882: .El
883: .Sh SEE ALSO
884: .Xr host 1 ,
885: .Xr resolv.conf 5
886: .Sh STANDARDS
887: .Rs
888: .%A P. Mockapetris
889: .%D November 1987
890: .%R RFC 1035
891: .%T Domain Names - Implementation and Specification
892: .Re
893: .Sh AUTHORS
894: .An -nosplit
895: .An Internet Systems Consortium, Inc .
896: .Sh BUGS
897: There are probably too many query options.