1MDIG(1) BIND 9 MDIG(1)
2
6 mdig - DNS pipelined lookup utility
7
9 mdig {@server} [-f filename] [-h] [-v] [ [-4] | [-6] ] [-m] [-b ad‐
10 dress] [-p port#] [-c class] [-t type] [-i] [-x addr] [plusopt...]
11 mdig {-h}
13 mdig [@server] {global-opt...} { {local-opt...} {query} ...}
15
17 mdig is a multiple/pipelined query version of dig: instead of waiting
18 for a response after sending each query, it begins by sending all
19 queries. Responses are displayed in the order in which they are re‐
20 ceived, not in the order the corresponding queries were sent.
21 mdig options are a subset of the dig options, and are divided into
23 "anywhere options," which can occur anywhere, "global options," which
24 must occur before the query name (or they are ignored with a warning),
25 and "local options," which apply to the next query on the command line.
26 The @server option is a mandatory global option. It is the name or IP
28 address of the name server to query. (Unlike dig, this value is not re‐
29 trieved from /etc/resolv.conf.) It can be an IPv4 address in dot‐
30 ted-decimal notation, an IPv6 address in colon-delimited notation, or a
31 hostname. When the supplied server argument is a hostname, mdig re‐
32 solves that name before querying the name server.
33 mdig provides a number of query options which affect the way in which
35 lookups are made and the results displayed. Some of these set or reset
36 flag bits in the query header, some determine which sections of the an‐
37 swer get printed, and others determine the timeout and retry strate‐
38 gies.
39 Each query option is identified by a keyword preceded by a plus sign
41 (+). Some keywords set or reset an option. These may be preceded by the
42 string no to negate the meaning of that keyword. Other keywords assign
43 values to options like the timeout interval. They have the form +key‐
44 word=value.
45
47 -f This option makes mdig operate in batch mode by reading a list
48 of lookup requests to process from the file filename. The file
49 contains a number of queries, one per line. Each entry in the
50 file should be organized in the same way they would be presented
51 as queries to mdig using the command-line interface.
52 -h This option causes mdig to print detailed help information, with
54 the full list of options, and exit.
55 -v This option causes mdig to print the version number and exit.
57
59 -4 This option forces mdig to only use IPv4 query transport.
60 -6 This option forces mdig to only use IPv6 query transport.
62 -b address
64 This option sets the source IP address of the query to address.
65 This must be a valid address on one of the host's network inter‐
66 faces or "0.0.0.0" or "::". An optional port may be specified by
67 appending "#<port>"
68 -m This option enables memory usage debugging.
70 -p port#
72 This option is used when a non-standard port number is to be
73 queried. port# is the port number that mdig sends its queries
74 to, instead of the standard DNS port number 53. This option is
75 used to test a name server that has been configured to listen
76 for queries on a non-standard port number.
77 The global query options are:
79 +additional, +noadditional
81 This option displays [or does not display] the additional sec‐
82 tion of a reply. The default is to display it.
83 +all, +noall
85 This option sets or clears all display flags.
86 +answer, +noanswer
88 This option displays [or does not display] the answer section of
89 a reply. The default is to display it.
90 +authority, +noauthority
92 This option displays [or does not display] the authority section
93 of a reply. The default is to display it.
94 +besteffort, +nobesteffort
96 This option attempts to display [or does not display] the con‐
97 tents of messages which are malformed. The default is to not
98 display malformed answers.
99 +burst This option delays queries until the start of the next second.
101 +cl, +nocl
103 This option displays [or does not display] the CLASS when print‐
104 ing the record.
105 +comments, +nocomments
107 This option toggles the display of comment lines in the output.
108 The default is to print comments.
109 +continue, +nocontinue
111 This option toggles continuation on errors (e.g. timeouts).
112 +crypto, +nocrypto
114 This option toggles the display of cryptographic fields in
115 DNSSEC records. The contents of these fields are unnecessary to
116 debug most DNSSEC validation failures and removing them makes it
117 easier to see the common failures. The default is to display the
118 fields. When omitted, they are replaced by the string "[omit‐
119 ted]"; in the DNSKEY case, the key ID is displayed as the re‐
120 placement, e.g., [ key id = value ].
121 +multiline, +nomultiline
123 This option toggles printing of records, like the SOA records,
124 in a verbose multi-line format with human-readable comments. The
125 default is to print each record on a single line, to facilitate
126 machine parsing of the mdig output.
127 +question, +noquestion
129 This option prints [or does not print] the question section of a
130 query when an answer is returned. The default is to print the
131 question section as a comment.
132 +rrcomments, +norrcomments
134 This option toggles the display of per-record comments in the
135 output (for example, human-readable key information about DNSKEY
136 records). The default is not to print record comments unless
137 multiline mode is active.
138 +short, +noshort
140 This option provides [or does not provide] a terse answer. The
141 default is to print the answer in a verbose form.
142 +split=W
144 This option splits long hex- or base64-formatted fields in re‐
145 source records into chunks of W characters (where W is rounded
146 up to the nearest multiple of 4). +nosplit or +split=0 causes
147 fields not to be split. The default is 56 characters, or 44
148 characters when multiline mode is active.
149 +tcp, +notcp
151 This option uses [or does not use] TCP when querying name
152 servers. The default behavior is to use UDP.
153 +ttlid, +nottlid
155 This option displays [or does not display] the TTL when printing
156 the record.
157 +ttlunits, +nottlunits
159 This option displays [or does not display] the TTL in friendly
160 human-readable time units of "s", "m", "h", "d", and "w", repre‐
161 senting seconds, minutes, hours, days, and weeks. This implies
162 +ttlid.
163 +vc, +novc
165 This option uses [or does not use] TCP when querying name
166 servers. This alternate syntax to +tcp is provided for backwards
167 compatibility. The vc stands for "virtual circuit".
168
170 -c class
171 This option sets the query class to class. It can be any valid
172 query class which is supported in BIND 9. The default query
173 class is "IN".
174 -t type
176 This option sets the query type to type. It can be any valid
177 query type which is supported in BIND 9. The default query type
178 is "A", unless the -x option is supplied to indicate a reverse
179 lookup with the "PTR" query type.
180 -x addr
182 Reverse lookups - mapping addresses to names - are simplified by
183 this option. addr is an IPv4 address in dotted-decimal notation,
184 or a colon-delimited IPv6 address. mdig automatically performs a
185 lookup for a query name like 11.12.13.10.in-addr.arpa and sets
186 the query type and class to PTR and IN respectively. By default,
187 IPv6 addresses are looked up using nibble format under the
188 IP6.ARPA domain.
189 The local query options are:
191 +aaflag, +noaaflag
193 This is a synonym for +aaonly, +noaaonly.
194 +aaonly, +noaaonly
196 This sets the aa flag in the query.
197 +adflag, +noadflag
199 This sets [or does not set] the AD (authentic data) bit in the
200 query. This requests the server to return whether all of the an‐
201 swer and authority sections have all been validated as secure,
202 according to the security policy of the server. AD=1 indicates
203 that all records have been validated as secure and the answer is
204 not from a OPT-OUT range. AD=0 indicates that some part of the
205 answer was insecure or not validated. This bit is set by de‐
206 fault.
207 +bufsize=B
209 This sets the UDP message buffer size advertised using EDNS0 to
210 B bytes. The maximum and minimum sizes of this buffer are 65535
211 and 0 respectively. Values outside this range are rounded up or
212 down appropriately. Values other than zero cause a EDNS query to
213 be sent.
214 +cdflag, +nocdflag
216 This sets [or does not set] the CD (checking disabled) bit in
217 the query. This requests the server to not perform DNSSEC vali‐
218 dation of responses.
219 +cookie=####, +nocookie
221 This sends [or does not send] a COOKIE EDNS option, with an op‐
222 tional value. Replaying a COOKIE from a previous response allows
223 the server to identify a previous client. The default is +no‐
224 cookie.
225 +dnssec, +nodnssec
227 This requests that DNSSEC records be sent by setting the DNSSEC
228 OK (DO) bit in the OPT record in the additional section of the
229 query.
230 +edns[=#], +noedns
232 This specifies [or does not specify] the EDNS version to query
233 with. Valid values are 0 to 255. Setting the EDNS version
234 causes an EDNS query to be sent. +noedns clears the remembered
235 EDNS version. EDNS is set to 0 by default.
236 +ednsflags[=#], +noednsflags
238 This sets the must-be-zero EDNS flag bits (Z bits) to the speci‐
239 fied value. Decimal, hex, and octal encodings are accepted.
240 Setting a named flag (e.g. DO) is silently ignored. By default,
241 no Z bits are set.
242 +ednsopt[=code[:value]], +noednsopt
244 This specifies [or does not specify] an EDNS option with code
245 point code and an optional payload of value as a hexadecimal
246 string. +noednsopt clears the EDNS options to be sent.
247 +expire, +noexpire
249 This toggles sending of an EDNS Expire option.
250 +nsid, +nonsid
252 This toggles inclusion of an EDNS name server ID request when
253 sending a query.
254 +recurse, +norecurse
256 This toggles the setting of the RD (recursion desired) bit in
257 the query. This bit is set by default, which means mdig nor‐
258 mally sends recursive queries.
259 +retry=T
261 This sets the number of times to retry UDP queries to server to
262 T instead of the default, 2. Unlike +tries, this does not in‐
263 clude the initial query.
264 +subnet=addr[/prefix-length], +nosubnet
266 This sends [or does not send] an EDNS Client Subnet option with
267 the specified IP address or network prefix.
268 mdig +subnet=0.0.0.0/0, or simply mdig +subnet=0
270 This sends an EDNS client-subnet option with an empty address
271 and a source prefix-length of zero, which signals a resolver
272 that the client's address information must not be used when re‐
273 solving this query.
274 +timeout=T
276 This sets the timeout for a query to T seconds. The default
277 timeout is 5 seconds for UDP transport and 10 for TCP. An at‐
278 tempt to set T to less than 1 results in a query timeout of 1
279 second being applied.
280 +tries=T
282 This sets the number of times to try UDP queries to server to T
283 instead of the default, 3. If T is less than or equal to zero,
284 the number of tries is silently rounded up to 1.
285 +udptimeout=T
287 This sets the timeout between UDP query retries to T.
288 +unknownformat, +nounknownformat
290 This prints [or does not print] all RDATA in unknown RR-type
291 presentation format (see RFC 3597). The default is to print
292 RDATA for known types in the type's presentation format.
293 +yaml, +noyaml
295 This toggles printing of the responses in a detailed YAML for‐
296 mat.
297 +zflag, +nozflag
299 This sets [or does not set] the last unassigned DNS header flag
300 in a DNS query. This flag is off by default.
301
303 dig(1), RFC 1035.
304
306 Internet Systems Consortium
307
309 2023, Internet Systems Consortium
3109.19.18 MDIG(1)