DNS & BIND

DNS & BINDSearch this book
Previous: 11.2 Interactive Versus NoninteractiveChapter 11
nslookup
Next: 11.4 Avoiding the Search List
 

11.3 Option Settings

nslookup has its own set of dials and knobs, called option settings. All of the option settings can be changed. We'll discuss here what each of the options means. We'll use the rest of the chapter to show you how to use them.

% nslookup
Default Server:  bladerunner.fx.movie.edu
Address:  0.0.0.0

> set all
Default Server:  bladerunner.fx.movie.edu
Address:  0.0.0.0

Set options:
  nodebug         defname         search          recurse
  nod2            novc            noignoretc      port=53
  querytype=A     class=IN        timeout=5       retry=4
  root=a.root-servers.net.
  domain=fx.movie.edu
  srchlist=fx.movie.edu


> ^D

Before we get into the options, we need to cover the introductory lines. The default name server is bladerunner.fx.movie.edu. This means that every query sent by nslookup is going to be sent to bladerunner. The address 0.0.0.0 means "this host." When nslookup is using address 0.0.0.0 or 127.0.0.1 as its server, it is using the name server running on the local system - in this case, bladerunner.

The options come in two flavors: Boolean and value. The options that do not have an equals sign after them are Boolean options. They have the interesting property of being either "on" or "off." The value options can take on different, well, values. How can we tell which Boolean options are on and which are off? The option is off when a "no" precedes the option's name. nodebug means that debugging is off. As you might guess, the option search is on.

How you change Boolean or value options depends on whether you are using nslookup interactively or not. In an interactive session, you change an option with the set command, as in set debug or set domain=classics.movie.edu. From the command line, you omit the word set and precede the option with a hyphen, as in nslookup -debug or nslookup -domain=classics.movie.edu. The options can be abbreviated to their shortest unique string - e.g., nodeb for nodebug. In addition to its abbreviation, the querytype option can also be called simply type.

Let's go through each of the options:

[no]debug

Debugging is turned off by default. If it is turned on, the name server shows timeouts and displays the response packets. See [no]d2 for a discussion of debug level 2.

[no]defname

By default, nslookup adds the default domain name to names without a dot in them. Before search lists existed, the BIND resolver code would only add the default domain to names without any dots in them; this option reflects that behavior. nslookup can implement the pre-search list behavior (with search off and defname on), or it can implement the search list behavior (with search on).

[no]search

The search option "overshadows" the default domain name (defname) option. That is, defname only applies if search is turned off. By default, nslookup appends the domains in the search list (srchlist) to names that don't end in a dot.

[no]recurse

nslookup requests recursive service by default. This turns on the recursion-desired bit in query packets. The BIND resolver sends recursive queries in the same way. Name servers, however, send out nonrecursive queries to other name servers.

[no]d2

Debugging at level 2 is turned off by default. If it is turned on, you see the query packets sent out in addition to the regular debugging output. Turning on d2 also turns on debug. Turning off d2 turns off d2 only; debug is left on. Turning off debug turns off both debug and d2.

[no]vc

By default, nslookup makes queries using UDP packets instead of over a virtual circuit (TCP). Most BIND resolver queries are made with UDP, so the default nslookup behavior matches the resolver. As the resolver can be instructed to use TCP, so can nslookup.

[no]ignoretc

By default, nslookup doesn't ignore truncated packets. If a packet is received that has the "truncated" bit set - indicating that the name server couldn't fit all the important information in the UDP response packet - nslookup doesn't ignore it; it retries the query using a TCP connection instead of UDP. Again, this matches the BIND resolver behavior. The reason for retrying the query using a TCP connection is that TCP responses can be twice as large as UDP responses. TCP responses could be many times the size of a UDP response (a TCP connection can carry much more data than a single UDP packet), but the buffers BIND uses for a TCP query are only twice as large as the UDP buffers.

port=53

The DNS service is on port 53. You can start a name server on another port - for debugging purposes, for example - and nslookup can be directed to use that port.

querytype=A

By default, nslookup looks up A (address) resource record types. In addition, if you type in an IP address (and the nslookup query type is address or pointer), then nslookup will invert the address, append in-addr.arpa, and look up PTR (pointer) data instead.

class=IN

The only class that matters is Internet. Well, there is the Hesiod (HS) class too, if you are an MITer or run Ultrix.

timeout=5

If the name server doesn't respond within 5 seconds, nslookup resends the query and doubles the timeout (to 10, 20, and then 40 seconds). The BIND resolver uses the same timeouts when querying a single name server.

retry=4

Send the query four times before giving up. After each retry, the timeout value is doubled. Again, this matches the BIND resolver behavior.

root=a.root-servers.net.

There is a convenience command called root, which switches your default server to the server named here. Executing the root command from a modern nslookup's prompt is equivalent to executing server a.root-servers.net. Older versions use nic.ddn.mil (old) or even sri-nic.arpa (ancient) as the default root name server. You can change the default "root" server with set root=server.

domain=fx.movie.edu

This is the default domain appended if the defname option is on.

srchlist=fx.movie.edu

If search is on, these are the domains appended to names that do not end in a dot. The domains are listed in the order that they are tried, separated by a slash. (The 4.8.3 search list defaulted to fx.movie.edu/movie.edu. At 4.9.3, you have to explicitly set the search list in /etc/resolv.conf to get both fx.movie.edu and movie.edu.)

11.3.1 The .nslookuprc File

You can set up new default nslookup options in an .nslookuprc file. nslookup will look for an .nslookuprc file in your home directory when it starts up, in both interactive and noninteractive modes. The .nslookuprc file can contain any legal set commands, one per line. This is useful, for example, if your old nslookup still thinks sri-nic.arpa is a root name server. You can set the default root name server to a real root with a line like this in your .nslookuprc file:

set root=a.root-servers.net.

You might also use .nslookuprc to set your search list to something other than your host's default search list, or to change the timeouts nslookup uses.


Previous: 11.2 Interactive Versus NoninteractiveDNS & BINDNext: 11.4 Avoiding the Search List
11.2 Interactive Versus NoninteractiveBook Index11.4 Avoiding the Search List