[ldns-users] More info from drill -T
Greg Ward
greg at gerg.ca
Wed Jan 29 23:39:47 UTC 2014
Hi again --
drill -T is working great with the new "follow CNAMEs" feature --
thanks, Willem!
But I find myself wanting more info for two distinct reasons.
1) "nxdomain" errors are not obvious in trace mode. E.g.
$ drill -T this-is-a-bogus-domain.net
. 518400 IN NS c.root-servers.net.
. 518400 IN NS h.root-servers.net.
[...]
net. 172800 IN NS j.gtld-servers.net.
net. 172800 IN NS i.gtld-servers.net.
[...]
net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1391037622 1800 900 604800 86400
There's no explicit "NXDOMAIN" indicator, like you get from "drill" without -T.
Increasing the verbosity doesn't help:
$ drill -T -V5 this-is-a-bogus-domain.net | grep rcode:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
2) It's hard (impossible?) to tell how lines of output correspond to
DNS query/response packets without using -V5, and that gives a
flood of uninteresting additional data. (Including reverse lookups
of some of the nameservers that we hit along the way!)
It appears that the ";; " lines that are useful with normal drill (and
dig) output are, ummm, not so useful in trace mode. Is this a known
bug? Or am I missing something (like, that's a feature)?
Thanks --
Greg
More information about the ldns-users
mailing list