|
|
| |
WALKER(1) |
User Contributed Perl Documentation |
WALKER(1) |
walker - Retrieve a DNS zone using NXT/NSEC traversal
walker [-y] [-n] [-d] [-x] [ @nameserver ]
zone [ startname ]
walker retrieves a DNS zone from the default or supplied name server and
prints each record to the standard output. AXFR is not used, instead the
DNSSEC NXT/NSEC record chain is traversed. The zone must use DNSSEC. The
output should conform to the standard DNS master file format (but see
BUGS). Optionally, walker can also verify DNSSEC signatures on
the RRsets within the zone.
- -y
- Additionally perform verification on each RRset within the zone and print
result of verification (in a zone file comment). This also turn on EDNS.0
and set the DNSSEC flag in queries.
- -n
- When querying for records, ask the nameserver non-recursively, instead of
going through the full resolver logic. This parameter is useful when you
know that the default name server (or the supplied specific nameserver)
can respond correctly, which it typically only would if it is responsible
for the zone.
The original motivation for the -n parameter was to improve
speed when asking parents for NS records on delegated zones, which would
make the server recursively ask the child servers.
- -d
- Enable debugging in the resolver (this will print all DNS packets, just
like dig).
- -x
- Enable the EDNS.0 DNSSEC flag for SIG/RRSIG queries. Not effective if -y
is used. This is needed for some servers to return SIG/RRSIG at all.
- @nameserver
- Query nameserver instead of the default nameserver.
- zone
- Name of the zone to retrieve master file for. For example,
"com".
- startname
- Optional name to start the zone walk at. The default is to start walking
from the start. This option is useful if the tool failed or was
intterupted in the middle of a large zone.
Simon Josefsson <simon@josefsson.org>
CNAME, CERT and/or SRV RRs is known to cause perl warnings during verifications
with some versions of Net::DNS and Net::DNS::SEC. The cause is belived to be
in Perl, Net::DNS or Net::DNS::SEC. The reader is encouraged to track down and
fix these bugs.
perl(1), axfr, perldig, Net::DNS, Net::DNS::SEC, resolv.conf
Visit the GSP FreeBSD Man Page Interface. Output converted with ManDoc. |