DragonFly On-Line Manual Pages

Search: Section:  

WALKER(1)             User Contributed Perl Documentation            WALKER(1)


NAME

       walker - Retrieve a DNS zone using NXT/NSEC traversal


SYNOPSIS

       walker [-y] [-n] [-d] [-x] [ @nameserver ] zone [ startname ]


DESCRIPTION

       walker retrieves a DNS zone from the default or supplied name server
       and prints each record to the standard output.  AXFR is not used,
       instead the DNSSEC NXT/NSEC record chain is traversed.  The zone must
       use DNSSEC.  The output should conform to the standard DNS master file
       format (but see BUGS).  Optionally, walker can also verify DNSSEC
       signatures on the RRsets within the zone.


OPTIONS

       -y  Additionally perform verification on each RRset within the zone and
           print result of verification (in a zone file comment).  This also
           turn on EDNS.0 and set the DNSSEC flag in queries.

       -n  When querying for records, ask the nameserver non-recursively,
           instead of going through the full resolver logic.  This parameter
           is useful when you know that the default name server (or the
           supplied specific nameserver) can respond correctly, which it
           typically only would if it is responsible for the zone.

           The original motivation for the -n parameter was to improve speed
           when asking parents for NS records on delegated zones, which would
           make the server recursively ask the child servers.

       -d  Enable debugging in the resolver (this will print all DNS packets,
           just like dig).

       -x  Enable the EDNS.0 DNSSEC flag for SIG/RRSIG queries.  Not effective
           if -y is used.  This is needed for some servers to return SIG/RRSIG
           at all.

       @nameserver
           Query nameserver instead of the default nameserver.

       zone
           Name of the zone to retrieve master file for.  For example, "com".

       startname
           Optional name to start the zone walk at.  The default is to start
           walking from the start.  This option is useful if the tool failed
           or was intterupted in the middle of a large zone.


AUTHOR

       Simon Josefsson <simon@josefsson.org>


BUGS

       CNAME, CERT and/or SRV RRs is known to cause perl warnings during
       verifications with some versions of Net::DNS and Net::DNS::SEC.  The
       cause is belived to be in Perl, Net::DNS or Net::DNS::SEC.  The reader
       is encouraged to track down and fix these bugs.


SEE ALSO

       perl(1), axfr, perldig, Net::DNS, Net::DNS::SEC, resolv.conf

perl v5.8.7                       2005-09-20                         WALKER(1)

Search: Section: