Manual Reference Pages - LDNS-TEST-EDNS (1)
ldns-test-edns - test if dns cache supports EDNS and DNSSEC.
ldns-test-edns tests a DNS cache and checks if it supports EDNS0 and
DNSSEC types so that it can be used as a dnssec-enabled DNS cache. It sends
two queries to the cache, one for the root key and one for a DS record.
These must succeed, the answer must have EDNS, that type and signatures.
If the IP address is good for DNSSEC, it is printed with OK. Otherwise
short description is given of the failure.
If OK is given, the cache should be good to use as a cache for a local
configured DNSSEC validator.
The tool assumes the root is signed and Sweden is signed.
Also, the queries are sent with the CD flag, the tool does not check that the
results are validated, but that they can be validated.
-i option enables a mode where the working IP addresses are printed
after another, with no other explanations, and if none work or no IP addresses
are on the input, off is printed.
ldns-test-edns takes one or more IP addresses, it checks them in turn.
IPv4 and IPv6 addresses can be given. The exit value is for the last checked
IP address: 0 is OK, 1 is failure, 2 is some sort of network failure.
Written by the ldns team as an example for ldns usage.
Report bugs to <firstname.lastname@example.org>.
Copyright (C) 2010 NLnet Labs. This is free software. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
|--> ||LDNS-TEST-EDNS (1) ||14 Dec 2010 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.