1VALIDATE(1)           User Contributed Perl Documentation          VALIDATE(1)
2
3
4

NAME

6       validate - Query the Domain Name System and display results of the
7       DNSSEC validation process
8

SYNOPSIS

10         validate
11
12         validate [options] DOMAIN_NAME
13

DESCRIPTION

15       validate is a diagnostic tool built on top of the DNSSEC validator.  It
16       takes DOMAIN_NAME as an argument and queries the DNS for that domain
17       name.  It outputs the series of responses that were received from the
18       DNS and the DNSSEC validation results for each domain name.  An exami‐
19       nation of the queries and validation results can help an administrator
20       uncover errors in DNSSEC configuration of DNS zones.
21
22       If no options are specified and no DOMAIN_NAME argument is given, vali‐
23       date will perform a series of pre-defined test queries against the
24       test.dnssec-tools.org zone.  This serves as a test-suite for the val‐
25       idator.  If any options are specified (e.g., configuration file loca‐
26       tions), -s or --selftest must be specified to run the test-suite.
27

OPTIONS

29       -c CLASS, --class=CLASS
30           This option can be used to specify the DNS class of the Resource
31           Record queried.  If this option is not given, the default class IN
32           is used.
33
34       -h, --help
35           Display the help and exit.
36
37       -m, --merge
38           When this option is given, validate will merge different RRsets in
39           the response into a single answer.  If this option is not given,
40           each RRset is output as a separate response.  This option makes
41           sense only when used with the -p option.
42
43       -p, --print
44           Print the answers and validation results.  By default, validate
45           just outputs a series of responses and their validation results on
46           stderr.  When the -p option is used, validate will also output the
47           final result on stdout.
48
49       -t TYPE, --type=TYPE
50           This option can be used to specify the DNS type of the Resource
51           Record queried.  If this option is not given, validate will query
52           for the A record for the given DOMAIN_NAME.
53
54       -v FILE, --dnsval-conf=FILE
55           This option can be used to specify the location of the dnsval.conf
56           configuration file.
57
58       -r FILE, --resolv-conf=FILE
59           This option can be used to specify the location of the resolv.conf
60           configuration file containing the name servers to use for lookups.
61
62       -i FILE, --root-hints=FILE
63           This option can be used to specify the location of the root.hints
64           configuration file, containing the root name servers.  This is only
65           used when no name server is found, and validate must do recursive
66           lookups itself.
67
68       -S suite[:suite], --test-suite=suite[:suite]
69           This option specifies the test suite (or range of test suites) to
70           use for the internal tests.
71
72       -s, --selftest
73           This option can be used to specify that the application should per‐
74           form its test-suite against the dnssec-tools.org test domain.  If
75           the name servers configured in the system resolv.conf do not sup‐
76           port DNSSEC, use the -r and -i options to enable validate to use
77           its own internal recursive resolver.
78
79       -T number[:number], --testcase=number[:number]
80           This option can be used to run a specific test (or range of tests)
81           from the test suite.
82
83       -F file, --testcase-conf=file
84           This option is used to specify the file containing the test cases.
85
86       -l label, --label=label
87           This option can be used to specify the policy from within the
88           dnsval.conf file to use during validation.
89
90       -w seconds, --wait=seconds
91           This option can be used to run the queries specified by other flags
92           in a loop, with the specified interval between successive queries.
93
94       -o, --output=<debug-level>:<dest-type>[:<dest-options>]
95           <debug-level> is 1-7, corresponding to syslog levels ALERT-DEBUG
96           <dest-type> is one of file, net, syslog, stderr, stdout
97           <dest-options> depends on <dest-type>
98               file:<file-name>   (opened in append mode)
99               net[:<host-name>:<host-port>] (127.0.0.1:1053
100               syslog[:facility] (0-23 (default 1 USER))
101

PRE-REQUISITES

103       libval
104

COPYRIGHT

106       Copyright 2005-2007 SPARTA, Inc.  All rights reserved.  See the COPYING
107       file included with the DNSSEC-Tools package for details.
108

AUTHORS

110       Abhijit Hayatnagarkar, Suresh Krishnaswamy, Robert Story
111

SEE ALSO

113       syslog(3)
114
115       libval(3)
116
117       http://dnssec-tools.sourceforge.net
118
119
120
121perl v5.8.6                       2007-09-10                       VALIDATE(1)