.\" @(#)drill.1 1.7.0 14-Jul-2004 OF;
.TH drill 1 "28 May 2006"
.SH NAME
drill \- get (debug) information out of DNS(SEC)
.SH SYNOPSIS
.B drill
[
.IR OPTIONS
]
.IR name
[
.IR @server
]
[
.IR type
]
[
.IR class
]
.SH DESCRIPTION
\fBdrill\fR is a tool designed to get all sorts of information out of the
DNS. It is specifically designed to be used with DNSSEC.
.PP
The name \fBdrill\fR is a pun on \fBdig\fR. With \fBdrill\fR you should be able
to get even more information than with \fBdig\fR.
.PP
If no arguments are given class defaults to 'IN' and type to 'A'. The
server(s) specified in /etc/resolv.conf are used to query against.
.PP
\fIname\fR
Ask for this name.
.PP
\fI@server\fR
Send the query to this server. If not specified, use the nameservers from
\fI/etc/resolv.conf\fR.
.PP
\fItype\fR
Ask for this RR type. If type is not given on the command line it defaults
to 'A', except when doing a reverse lookup, when it defaults to 'PTR'.
.PP
\fIclass\fR
Use this class when querying.
.SH SAMPLE USAGE
.TP
\fBdrill mx miek.nl\fR
Show the MX records of the domain miek.nl.
.TP
\fBdrill -S jelte.nlnetlabs.nl\fR
Chase any signatures in the jelte.nlnetlabs.nl domain. This option is
only available when ldns has been compiled with openssl support.
.TP
\fBdrill -TD www.example.com\fR
Do a DNSSEC (-D) trace (-T) from the rootservers down to www.example.com.
This option only works when ldns has been compiled with openssl support.
.TP
\fBdrill -s dnskey jelte.nlnetlabs.nl\fR
Show the DNSKEY record(s) for jelte.nlnetlabs.nl. For each found DNSKEY
record also print the DS record.
.SH OPTIONS
.TP
\fB\-D
Enable DNSSEC in the query. When querying for DNSSEC types (DNSKEY, RRSIG,
DS and NSEC) this is \fInot\fR automatically enabled.
.TP
\fB\-T
Trace \fIname\fR from the root down. When using this option the @server and
the type arguments are not used.
.TP
\fB\-S
Chase the signature(s) of 'name' to a known key or as high up in
the tree as possible.
.TP
\fB\-I \fIIPv4 or IPv6 address\fR
Source address to query from. The source address has to be present
on an interface of the host running drill.
.TP
\fB\-V \fIlevel\fR
Be more verbose. Set level to 5 to see the actual query that is sent.
.TP
\fB\-Q
Quiet mode, this overrules -V.
.TP
\fB\-f \fIfile\fR
Read the query from a file. The query must be dumped with -w.
.TP
\fB\-i \fIfile\fR
Read the answer from the file instead of from the network. This aids
in debugging and can be used to check if a query on disk is valid.
If the file contains binary data it is assumed to be a query in
network order.
.TP
\fB\-w \fIfile\fR
Write an answer packet to file.
.TP
\fB\-q \fIfile\fR
Write the query packet to file.
.TP
\fB\-v
Show drill's version.
.TP
\fB\-h
Show a short help message.
.SS QUERY OPTIONS
.TP
\fB\-4
Stay on IPv4. Only send queries to IPv4-enabled nameservers.
.TP
\fB\-6
Stay on IPv6. Only send queries to IPv6-enabled nameservers.
.TP
\fB\-a
Use the resolver structure's fallback mechanism if the answer
is truncated (TC=1). If a truncated packet is received and this
option is set, drill will first send a new query with EDNS0
buffer size 4096.
If the EDNS0 buffer size was already set to 512+ bytes, or the
above retry also results in a truncated answer, the resolver
structure will fall back to TCP.
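.PP
The retry rule above, modelled in Python as an added example (this is not ldns or drill code): a constructed responder stands in for a nameserver, \fBis_truncated\fR reads the TC bit from a 12-byte header, and \fBnext_attempt\fR applies the man page's rule of first retrying with an EDNS0 buffer of 4096 and then falling back to TCP. Treating an EDNS0 size of 0 as "no EDNS0" is this example's assumption.

```python
"""Model of drill's -a truncation fallback.

Added example, not ldns code: it follows the rule in the man page
(retry with an EDNS0 buffer of 4096, then fall back to TCP) and uses
a constructed responder in place of a real nameserver.
"""
from dataclasses import dataclass
from typing import Callable, List, Optional

DEFAULT_UDP_SIZE = 512     # classic DNS/UDP limit named in the man page
RETRY_EDNS_SIZE = 4096     # buffer size drill advertises on its first retry
TC_BIT = 0x0200            # TrunCated flag, bit 9 of the header flags word


@dataclass(frozen=True)
class Attempt:
    transport: str   # "udp" or "tcp"
    edns_size: int   # EDNS0 buffer size advertised; 0 = no EDNS0 (assumption)


def is_truncated(header: bytes) -> bool:
    """Return True when the TC bit is set in a 12-byte DNS header."""
    if len(header) < 12:
        raise ValueError("a DNS header is 12 bytes")
    flags = int.from_bytes(header[2:4], "big")
    return bool(flags & TC_BIT)


def next_attempt(previous: Attempt, header: bytes) -> Optional[Attempt]:
    """Apply drill's -a rule to the answer of `previous`; None means stop."""
    if previous.transport == "tcp" or not is_truncated(header):
        return None                               # complete answer, or TCP already tried
    if previous.edns_size < DEFAULT_UDP_SIZE:
        return Attempt("udp", RETRY_EDNS_SIZE)    # first retry: bigger EDNS0 buffer
    return Attempt("tcp", previous.edns_size)     # buffer already 512+: use TCP


def resolve_with_fallback(responder: Callable[[Attempt], bytes],
                          first: Attempt = Attempt("udp", 0)) -> List[Attempt]:
    """Drive the fallback and return every attempt made, in order."""
    attempts = [first]
    while True:
        following = next_attempt(attempts[-1], responder(attempts[-1]))
        if following is None:
            return attempts
        attempts.append(following)


def make_header(flags: int) -> bytes:
    """Constructed 12-byte header: id 0x1234, one question, no records."""
    return b"\x12\x34" + flags.to_bytes(2, "big") + b"\x00\x01" + bytes(6)


def sample_responder(attempt: Attempt) -> bytes:
    """Constructed responder: truncates every UDP answer, answers fully over TCP."""
    if attempt.transport == "udp":
        return make_header(0x8180 | TC_BIT)   # QR, RD, RA and TC set
    return make_header(0x8180)                # QR, RD, RA set, TC clear


if __name__ == "__main__":
    for attempt in resolve_with_fallback(sample_responder):
        print(attempt)
```

Running the block prints the three attempts drill would make against such a server: plain UDP, UDP with a 4096-byte EDNS0 buffer, then TCP. A client that already advertises a buffer of 512 bytes or more skips the middle step, which is why a truncated answer to a query sent with \fB-b 4096\fR goes straight to TCP.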
.TP
\fB\-b \fIsize\fR
Use size as the buffer size in the EDNS0 pseudo RR.
.TP
\fB\-c \fIfile\fR
Use file instead of /etc/resolv.conf for nameserver configuration.
.TP
\fB\-d \fIdomain\fR
When tracing (-T), start from this domain instead of the root.
.TP
\fB\-t
Use TCP/IP when querying a server.
.TP
\fB\-k \fIkeyfile\fR
Use this file to read a (trusted) key from. When this option is
given \fBdrill\fR tries to validate the current answer with this
key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
key will be used as trust anchor. The file can contain a DNSKEY or a DS record.
Alternatively, when DNSSEC enabled tracing (\fB-TD\fR) or signature
chasing (\fB-S\fR), if \fB-k\fR is not specified, and a default trust anchor
(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record,
it will be used as the trust anchor.
.TP
\fB\-o \fImnemonic\fR
Use this option to set or unset specific header bits. A bit is
set by using the bit mnemonic in CAPITAL letters. A bit is unset when
the mnemonic is given in lowercase. The following mnemonics are
understood by \fBdrill\fR:
.br
QR, qr: set, unset QueRy (default: on)
.br
AA, aa: set, unset Authoritative Answer (default: off)
.br
TC, tc: set, unset TrunCated (default: off)
.br
RD, rd: set, unset Recursion Desired (default: on)
.br
CD, cd: set, unset Checking Disabled (default: off)
.br
RA, ra: set, unset Recursion Available (default: off)
.br
AD, ad: set, unset Authenticated Data (default: off)
.br
Thus \fB-o CD\fR will enable Checking Disabled, which instructs the
cache not to validate the answers it gives out.
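.PP
The mnemonic scheme above, as an added Python example (not ldns or drill code): \fBapply_mnemonics\fR turns a string such as "CD" or "rd" into the 16-bit flags word of a DNS header, \fBdecode_flags\fR reads it back, and \fBbuild_header\fR places it in a 12-byte header. The bit positions are the standard DNS header layout and the defaults (QR and RD on) are the ones listed above; accepting several mnemonics separated by spaces or commas is an assumption that goes beyond the single-mnemonic form the option shows.

```python
"""Encoder/decoder for drill-style DNS header-bit mnemonics.

Added example, not ldns code. Bit positions follow the standard DNS header
flags word (QR, AA, TC, RD, RA, AD, CD); the defaults (QR and RD on) are
the ones the man page lists. Accepting several mnemonics separated by
spaces or commas is this example's own assumption.
"""
import re
from typing import Dict

FLAG_BITS: Dict[str, int] = {
    "QR": 15, "AA": 10, "TC": 9, "RD": 8, "RA": 7, "AD": 5, "CD": 4,
}
DEFAULT_FLAGS = (1 << FLAG_BITS["QR"]) | (1 << FLAG_BITS["RD"])


def apply_mnemonics(spec: str, flags: int = DEFAULT_FLAGS) -> int:
    """Set (CAPITAL) or unset (lowercase) each mnemonic in spec; return the flags word."""
    for token in re.split(r"[\s,]+", spec.strip()):
        if not token:
            continue
        name = token.upper()
        if name not in FLAG_BITS:
            raise ValueError(f"unknown header bit mnemonic: {token!r}")
        if token == name:                       # CAPITAL: set the bit
            flags |= 1 << FLAG_BITS[name]
        elif token == name.lower():             # lowercase: clear the bit
            flags &= ~(1 << FLAG_BITS[name])
        else:
            raise ValueError(f"mnemonic must be all upper or all lower case: {token!r}")
    return flags & 0xFFFF


def decode_flags(flags: int) -> Dict[str, bool]:
    """Return which named bits are set in a flags word (opcode and rcode ignored)."""
    return {name: bool((flags >> bit) & 1) for name, bit in FLAG_BITS.items()}


def build_header(query_id: int, flags: int, qdcount: int = 1) -> bytes:
    """12-byte DNS header with the given flags; opcode 0, rcode 0, no answer records."""
    return (query_id.to_bytes(2, "big") + flags.to_bytes(2, "big")
            + qdcount.to_bytes(2, "big") + bytes(6))


if __name__ == "__main__":
    flags = apply_mnemonics("CD")               # the -o CD case from the man page
    print(hex(flags), decode_flags(flags))
    print(build_header(0x1234, flags).hex())
```

Decoding the word produced for \fB-o CD\fR shows QR, RD and CD set and AD clear. A validating resolver that receives CD=1 returns the records even if it would have judged them bogus, so the client, not the cache, is then responsible for validating the data it inspects; that is exactly what makes the option useful for debugging a failing chain.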
.TP
\fB\-p \fIport\fR
Use this port instead of the default of 53.
.TP
\fB\-r \fIfile\fR
When tracing (-T), use file as a root servers hint file.
.TP
\fB\-s
When encountering a DNSKEY print the equivalent DS also.
.TP
\fB\-u
Use UDP when querying a server. This is the default.
.TP
\fB\-w \fIfile\fR
Write the answer to a file. The file will contain a hexadecimal dump
of the query. This can be used in conjunction with -f.
.TP
\fB\-x
Do a reverse lookup. The type argument is not used; it is preset to PTR.
.TP
\fB\-y \fI<name:key[:algo]>\fR
Specify a named base64 TSIG key, and optionally an algorithm (defaults to hmac-md5.sig-alg.reg.int).
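.PP
A parser for the \fIname:key[:algo]\fR argument form, as an added Python example (not ldns or drill code). The default algorithm is the one named above; the \fBNamedKey\fR type, the FQDN normalisation of the key name and the strict base64 check on the secret are this example's own assumptions.

```python
"""Parser for the name:key[:algo] argument that drill's -y option takes.

Added example, not ldns code. The default algorithm is the one the man
page names; the NamedKey type, the trailing-dot normalisation of the key
name and the strict base64 validation are this example's assumptions.
"""
import base64
import binascii
from dataclasses import dataclass

DEFAULT_TSIG_ALGO = "hmac-md5.sig-alg.reg.int"


@dataclass(frozen=True)
class NamedKey:
    name: str       # key name as an FQDN, e.g. "keyname.example."
    secret: bytes   # decoded shared secret
    algorithm: str  # TSIG algorithm name, lower-cased


def parse_tsig_spec(spec: str) -> NamedKey:
    """Split name:key[:algo]; base64 never contains ':', so a plain split is safe."""
    parts = spec.split(":", 2)
    if len(parts) < 2 or not parts[0] or not parts[1]:
        raise ValueError("expected name:key[:algo]")
    name = parts[0] if parts[0].endswith(".") else parts[0] + "."
    try:
        # validate=True rejects characters outside the base64 alphabet
        secret = base64.b64decode(parts[1], validate=True)
    except binascii.Error as exc:
        raise ValueError(f"key is not valid base64: {exc}") from exc
    if len(parts) == 3 and parts[2]:
        algorithm = parts[2].lower()
    else:
        algorithm = DEFAULT_TSIG_ALGO
    return NamedKey(name, secret, algorithm)


if __name__ == "__main__":
    # Constructed secret ("secret" in base64), not a real key.
    print(parse_tsig_spec("mykey.example:c2VjcmV0"))
    print(parse_tsig_spec("mykey.example:c2VjcmV0:hmac-sha256"))
```

Because the default algorithm is HMAC-MD5, give the third field explicitly when the server's key was generated for a different algorithm; a name or algorithm mismatch makes the server reject the signature rather than fall back.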
.TP
\fB\-z \fR
Don't randomize the nameserver list before sending queries.
.SH "EXIT STATUS"
The exit status is 0 if the looked up answer is secure and trusted,
or insecure.
The exit status is not 0 if the looked up answer is untrusted or bogus,
or an error occurred while performing the lookup.
.SH "FILES"
.TP
@LDNS_TRUST_ANCHOR_FILE@
The file from which trusted keys are loaded when no \fB-k\fR option is given.
.SH AUTHOR
Jelte Jansen and Miek Gieben. Both of NLnet Labs.
.SH REPORTING BUGS
Report bugs to <ldns-team@nlnetlabs.nl>.
.SH COPYRIGHT
Copyright (c) 2004-2008 NLnet Labs.
Licensed under the revised BSD license. There is NO warranty; not even for MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
\fBdig\fR(1), \fBunbound-anchor\fR(8), \fIRFC403{3,4,5}\fR.