GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  WALKER (1)

NAME

walker - Retrieve a DNS zone using NXT/NSEC traversal

CONTENTS

SYNOPSIS

walker [-y] [-n] [-d] [-x] [ @nameserver ] zone [ startname ]

DESCRIPTION

walker retrieves a DNS zone from the default or supplied name server and prints each record to the standard output. AXFR is not used, instead the DNSSEC NXT/NSEC record chain is traversed. The zone must use DNSSEC. The output should conform to the standard DNS master file format (but see BUGS). Optionally, walker can also verify DNSSEC signatures on the RRsets within the zone.

OPTIONS

-y Additionally perform verification on each RRset within the zone and print result of verification (in a zone file comment). This also turn on EDNS.0 and set the DNSSEC flag in queries.
-n When querying for records, ask the nameserver non-recursively, instead of going through the full resolver logic. This parameter is useful when you know that the default name server (or the supplied specific nameserver) can respond correctly, which it typically only would if it is responsible for the zone.

The original motivation for the -n parameter was to improve speed when asking parents for NS records on delegated zones, which would make the server recursively ask the child servers.

-d Enable debugging in the resolver (this will print all DNS packets, just like dig).
-x Enable the EDNS.0 DNSSEC flag for SIG/RRSIG queries. Not effective if -y is used. This is needed for some servers to return SIG/RRSIG at all.
@nameserver Query nameserver instead of the default nameserver.
zone Name of the zone to retrieve master file for. For example, com.
startname Optional name to start the zone walk at. The default is to start walking from the start. This option is useful if the tool failed or was intterupted in the middle of a large zone.

AUTHOR

Simon Josefsson <simon@josefsson.org>

BUGS

CNAME, CERT and/or SRV RRs is known to cause perl warnings during verifications with some versions of Net::DNS and Net::DNS::SEC. The cause is belived to be in Perl, Net::DNS or Net::DNS::SEC. The reader is encouraged to track down and fix these bugs.

SEE ALSO

perl(1), axfr, perldig, Net::DNS, Net::DNS::SEC, resolv.conf
Search for    or go to Top of page |  Section 1 |  Main Index


perl v5.8.7 WALKER (1) 2005-09-20

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.