1MDIG(1) BIND 9 MDIG(1)
2
3
4
6 mdig - DNS pipelined lookup utility
7
9 mdig {@server} [-f filename] [-h] [-v] [ [-4] | [-6] ] [-m] [-b ad‐
10 dress] [-p port#] [-c class] [-t type] [-i] [-x addr] [plusopt...]
11
12 mdig {-h}
13
14 mdig [@server] {global-opt...} { {local-opt...} {query} ...}
15
17 mdig is a multiple/pipelined query version of dig: instead of waiting
18 for a response after sending each query, it begins by sending all
19 queries. Responses are displayed in the order in which they are re‐
20 ceived, not in the order the corresponding queries were sent.
21
22 mdig options are a subset of the dig options, and are divided into
23 "anywhere options," which can occur anywhere, "global options," which
24 must occur before the query name (or they are ignored with a warning),
25 and "local options," which apply to the next query on the command line.
26
27 The @server option is a mandatory global option. It is the name or IP
28 address of the name server to query. (Unlike dig, this value is not re‐
29 trieved from /etc/resolv.conf.) It can be an IPv4 address in dot‐
30 ted-decimal notation, an IPv6 address in colon-delimited notation, or a
31 hostname. When the supplied server argument is a hostname, mdig re‐
32 solves that name before querying the name server.
33
34 mdig provides a number of query options which affect the way in which
35 lookups are made and the results displayed. Some of these set or reset
36 flag bits in the query header, some determine which sections of the an‐
37 swer get printed, and others determine the timeout and retry strate‐
38 gies.
39
40 Each query option is identified by a keyword preceded by a plus sign
41 (+). Some keywords set or reset an option. These may be preceded by the
42 string no to negate the meaning of that keyword. Other keywords assign
43 values to options like the timeout interval. They have the form +key‐
44 word=value.
45
47 -f This option makes mdig operate in batch mode by reading a list
48 of lookup requests to process from the file filename. The file
49 contains a number of queries, one per line. Each entry in the
50 file should be organized in the same way they would be presented
51 as queries to mdig using the command-line interface.
52
53 -h This option causes mdig to print detailed help information, with
54 the full list of options, and exit.
55
56 -v This option causes mdig to print the version number and exit.
57
59 -4 This option forces mdig to only use IPv4 query transport.
60
61 -6 This option forces mdig to only use IPv6 query transport.
62
63 -b address
64 This option sets the source IP address of the query to address.
65 This must be a valid address on one of the host's network inter‐
66 faces or "0.0.0.0" or "::". An optional port may be specified by
67 appending "#<port>"
68
69 -m This option enables memory usage debugging.
70
71 -p port#
72 This option is used when a non-standard port number is to be
73 queried. port# is the port number that mdig sends its queries
74 to, instead of the standard DNS port number 53. This option is
75 used to test a name server that has been configured to listen
76 for queries on a non-standard port number.
77
78 The global query options are:
79
80 +additional, +noadditional
81 This option displays [or does not display] the additional sec‐
82 tion of a reply. The default is to display it.
83
84 +all, +noall
85 This option sets or clears all display flags.
86
87 +answer, +noanswer
88 This option displays [or does not display] the answer section of
89 a reply. The default is to display it.
90
91 +authority, +noauthority
92 This option displays [or does not display] the authority section
93 of a reply. The default is to display it.
94
95 +besteffort, +nobesteffort
96 This option attempts to display [or does not display] the con‐
97 tents of messages which are malformed. The default is to not
98 display malformed answers.
99
100 +burst This option delays queries until the start of the next second.
101
102 +cl, +nocl
103 This option displays [or does not display] the CLASS when print‐
104 ing the record.
105
106 +comments, +nocomments
107 This option toggles the display of comment lines in the output.
108 The default is to print comments.
109
110 +continue, +nocontinue
111 This option toggles continuation on errors (e.g. timeouts).
112
113 +crypto, +nocrypto
114 This option toggles the display of cryptographic fields in
115 DNSSEC records. The contents of these fields are unnecessary to
116 debug most DNSSEC validation failures and removing them makes it
117 easier to see the common failures. The default is to display the
118 fields. When omitted, they are replaced by the string "[omit‐
119 ted]"; in the DNSKEY case, the key ID is displayed as the re‐
120 placement, e.g., [ key id = value ].
121
122 +dscp=value
123 This option formerly set the DSCP value used when sending a
124 query. It is now obsolete, and has no effect.
125
126 +multiline, +nomultiline
127 This option toggles printing of records, like the SOA records,
128 in a verbose multi-line format with human-readable comments. The
129 default is to print each record on a single line, to facilitate
130 machine parsing of the mdig output.
131
132 +question, +noquestion
133 This option prints [or does not print] the question section of a
134 query when an answer is returned. The default is to print the
135 question section as a comment.
136
137 +rrcomments, +norrcomments
138 This option toggles the display of per-record comments in the
139 output (for example, human-readable key information about DNSKEY
140 records). The default is not to print record comments unless
141 multiline mode is active.
142
143 +short, +noshort
144 This option provides [or does not provide] a terse answer. The
145 default is to print the answer in a verbose form.
146
147 +split=W
148 This option splits long hex- or base64-formatted fields in re‐
149 source records into chunks of W characters (where W is rounded
150 up to the nearest multiple of 4). +nosplit or +split=0 causes
151 fields not to be split. The default is 56 characters, or 44
152 characters when multiline mode is active.
153
154 +tcp, +notcp
155 This option uses [or does not use] TCP when querying name
156 servers. The default behavior is to use UDP.
157
158 +ttlid, +nottlid
159 This option displays [or does not display] the TTL when printing
160 the record.
161
162 +ttlunits, +nottlunits
163 This option displays [or does not display] the TTL in friendly
164 human-readable time units of "s", "m", "h", "d", and "w", repre‐
165 senting seconds, minutes, hours, days, and weeks. This implies
166 +ttlid.
167
168 +vc, +novc
169 This option uses [or does not use] TCP when querying name
170 servers. This alternate syntax to +tcp is provided for backwards
171 compatibility. The vc stands for "virtual circuit".
172
174 -c class
175 This option sets the query class to class. It can be any valid
176 query class which is supported in BIND 9. The default query
177 class is "IN".
178
179 -t type
180 This option sets the query type to type. It can be any valid
181 query type which is supported in BIND 9. The default query type
182 is "A", unless the -x option is supplied to indicate a reverse
183 lookup with the "PTR" query type.
184
185 -x addr
186 Reverse lookups - mapping addresses to names - are simplified by
187 this option. addr is an IPv4 address in dotted-decimal notation,
188 or a colon-delimited IPv6 address. mdig automatically performs a
189 lookup for a query name like 11.12.13.10.in-addr.arpa and sets
190 the query type and class to PTR and IN respectively. By default,
191 IPv6 addresses are looked up using nibble format under the
192 IP6.ARPA domain.
193
194 The local query options are:
195
196 +aaflag, +noaaflag
197 This is a synonym for +aaonly, +noaaonly.
198
199 +aaonly, +noaaonly
200 This sets the aa flag in the query.
201
202 +adflag, +noadflag
203 This sets [or does not set] the AD (authentic data) bit in the
204 query. This requests the server to return whether all of the an‐
205 swer and authority sections have all been validated as secure,
206 according to the security policy of the server. AD=1 indicates
207 that all records have been validated as secure and the answer is
208 not from a OPT-OUT range. AD=0 indicates that some part of the
209 answer was insecure or not validated. This bit is set by de‐
210 fault.
211
212 +bufsize=B
213 This sets the UDP message buffer size advertised using EDNS0 to
214 B bytes. The maximum and minimum sizes of this buffer are 65535
215 and 0 respectively. Values outside this range are rounded up or
216 down appropriately. Values other than zero cause a EDNS query to
217 be sent.
218
219 +cdflag, +nocdflag
220 This sets [or does not set] the CD (checking disabled) bit in
221 the query. This requests the server to not perform DNSSEC vali‐
222 dation of responses.
223
224 +cookie=####, +nocookie
225 This sends [or does not send] a COOKIE EDNS option, with an op‐
226 tional value. Replaying a COOKIE from a previous response allows
227 the server to identify a previous client. The default is +no‐
228 cookie.
229
230 +dnssec, +nodnssec
231 This requests that DNSSEC records be sent by setting the DNSSEC
232 OK (DO) bit in the OPT record in the additional section of the
233 query.
234
235 +edns[=#], +noedns
236 This specifies [or does not specify] the EDNS version to query
237 with. Valid values are 0 to 255. Setting the EDNS version
238 causes an EDNS query to be sent. +noedns clears the remembered
239 EDNS version. EDNS is set to 0 by default.
240
241 +ednsflags[=#], +noednsflags
242 This sets the must-be-zero EDNS flag bits (Z bits) to the speci‐
243 fied value. Decimal, hex, and octal encodings are accepted.
244 Setting a named flag (e.g. DO) is silently ignored. By default,
245 no Z bits are set.
246
247 +ednsopt[=code[:value]], +noednsopt
248 This specifies [or does not specify] an EDNS option with code
249 point code and an optional payload of value as a hexadecimal
250 string. +noednsopt clears the EDNS options to be sent.
251
252 +expire, +noexpire
253 This toggles sending of an EDNS Expire option.
254
255 +nsid, +nonsid
256 This toggles inclusion of an EDNS name server ID request when
257 sending a query.
258
259 +recurse, +norecurse
260 This toggles the setting of the RD (recursion desired) bit in
261 the query. This bit is set by default, which means mdig nor‐
262 mally sends recursive queries.
263
264 +retry=T
265 This sets the number of times to retry UDP queries to server to
266 T instead of the default, 2. Unlike +tries, this does not in‐
267 clude the initial query.
268
269 +subnet=addr[/prefix-length], +nosubnet
270 This sends [or does not send] an EDNS Client Subnet option with
271 the specified IP address or network prefix.
272
273 mdig +subnet=0.0.0.0/0, or simply mdig +subnet=0
274 This sends an EDNS client-subnet option with an empty address
275 and a source prefix-length of zero, which signals a resolver
276 that the client's address information must not be used when re‐
277 solving this query.
278
279 +timeout=T
280 This sets the timeout for a query to T seconds. The default
281 timeout is 5 seconds for UDP transport and 10 for TCP. An at‐
282 tempt to set T to less than 1 results in a query timeout of 1
283 second being applied.
284
285 +tries=T
286 This sets the number of times to try UDP queries to server to T
287 instead of the default, 3. If T is less than or equal to zero,
288 the number of tries is silently rounded up to 1.
289
290 +udptimeout=T
291 This sets the timeout between UDP query retries to T.
292
293 +unknownformat, +nounknownformat
294 This prints [or does not print] all RDATA in unknown RR-type
295 presentation format (see RFC 3597). The default is to print
296 RDATA for known types in the type's presentation format.
297
298 +yaml, +noyaml
299 This toggles printing of the responses in a detailed YAML for‐
300 mat.
301
302 +zflag, +nozflag
303 This sets [or does not set] the last unassigned DNS header flag
304 in a DNS query. This flag is off by default.
305
307 dig(1), RFC 1035.
308
310 Internet Systems Consortium
311
313 2023, Internet Systems Consortium
314
315
316
317
3189.18.11 MDIG(1)