Linux Certif

Toute la documentation sur la certification Linux LPI

drill

NAME

drill - get (debug) information out of DNS(SEC)

SYNOPSIS

drill [ OPTION ] @server type name class

DESCRIPTION

drill is a tool to designed to get all sorts of information out of the DNS. It is specificly designed to be used with DNSSEC.

The name drill is a pun on dig. With drill you should be able get even more information than with dig.

@server Send to query to this server.

type Ask for this RR type. If type is not given on the command line it defaults to 'A'. Except when doing to reverse lookup there is defaults to 'PTR'.

name Ask for this name.

class Use this class when querying.

SAMPLE USAGE

drill mx miek.nl Show the MX records of the domain miek.nl

drill -S jelte.nlnetlabs.nl

Chase any signatures a the jelte.nlnetlab.nl domain.

drill -TDI www.example.com

Do a DNSSEC (-D) trace (-T) from the rootservers down to www.example.com.

drill -s dnskey jelte.nlnetlabs.nl

Show the DNSKEY record(s) for jelte.nlnetlabs.nl. For each found DNSKEY record also print the DS record.

OPTIONS

-D, --dnssec

Enable DNSSEC in the query. When querying for DNSSEC types (DNSKEY, RRSIG, DS and NSEC) this is automaticly enabled.

-S, --sigchase

Chase the signature(s) of 'name' to a known key or as high up in the tree as possible.

-T, --trace

Trace name from the root down. When using this option the @server and the type arguments are not used.

-V, --verbose

Be more verbose. Enable once for more messages on the screen. Enable twice for a hexdump of the packets sent.

-4, --ip4

Stay on ip4. Only send queries to ip4 enabled nameservers.

-6, --ip6

Stay on ip6. Only send queries to ip6 enabled nameservers.

-a, --fail

Don't try the next nameserver on SERVFAIL. The default is to do this.

-b size, --bufsize=size

-c, --tcp

Use TCP/IP when querying a server.

-f, --fromfile file

Read the query from a file. The query must be dumped with -w.

-i, --answerinfile file

read the answer from the file instead from the network. This aids in debugging and can be used to check if a query on disk is valid. If the file contains binary data it is assumed to be a query in network order.

-k keyfile, --keyfile=keyfile

Use this file to read a (trusted) key from.

-p port, --port=port

-q, --dumpquery

Dump the query to a file.

-r, --rd

Don't set the RD bit in the query - the default is yes

-s, --ds

When encountering a DNSKEY print the DS also.

-u, --udp

Use UDP when querying a server. This is the default.

-v, --version

-w, --answertofile file

write the answer to a file. The file will contain a hexadecimal dump of the query. This can be used in conjunction with -f.

-x, --reverse

Do a reverse loopup. The type argument is not used, it is preset to PTR.

 

AUTHOR

Jelte Jansen and Miek Gieben. Both of NLnet Labs.

REPORTING BUGS

Report bugs to <drill@nlnetlabs.nl>.

BUGS

LIMITATIONS

None - you can do everything with it, including washing your car.

COPYRIGHT

Copyright (c) 2004 NLnet Labs. Licensed under the GPL 2. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

dig(1), RFC2523.