.\" $NetBSD: mdig.1,v 1.4 2019/02/24 20:01:28 christos Exp $
.\"
.\" Copyright (C) 2015-2019 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
.\" file, You can obtain one at http://mozilla.org/MPL/2.0/.
.\"
.hy 0
.ad l
'\" t
.\" Title: mdig
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.78.1
.\" Date: 2015-01-05
.\" Manual: BIND9
.\" Source: ISC
.\" Language: English
.\"
.TH "MDIG" "1" "2015\-01\-05" "ISC" "BIND9"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
mdig \- DNS pipelined lookup utility
.SH "SYNOPSIS"
.HP \w'\fBmdig\fR\ 'u
\fBmdig\fR {@server} [\fB\-f\ \fR\fB\fIfilename\fR\fR] [\fB\-h\fR] [\fB\-v\fR] [[\fB\-4\fR] | [\fB\-6\fR]] [\fB\-m\fR] [\fB\-b\ \fR\fB\fIaddress\fR\fR] [\fB\-p\ \fR\fB\fIport#\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-i\fR] [\fB\-x\ \fR\fB\fIaddr\fR\fR] [plusopt...]
.HP \w'\fBmdig\fR\ 'u
\fBmdig\fR {\-h}
.HP \w'\fBmdig\fR\ 'u
\fBmdig\fR [@server] {global\-opt...} {{local\-opt...}\ {query}...}
.SH "DESCRIPTION"
.PP
\fBmdig\fR
is a multiple/pipelined query version of
\fBdig\fR: instead of waiting for a response after sending each query, it begins by sending all queries\&. Responses are displayed in the order in which they are received, not in the order the corresponding queries were sent\&.
.PP
\fBmdig\fR
options are a subset of the
\fBdig\fR
options, and are divided into "anywhere options" which can occur anywhere, "global options" which must occur before the query name (or they are ignored with a warning), and "local options" which apply to the next query on the command line\&.
.PP
The
{@server}
option is a mandatory global option\&. It is the name or IP address of the name server to query\&. (Unlike
\fBdig\fR, this value is not retrieved from
/etc/resolv\&.conf\&.) It can be an IPv4 address in dotted\-decimal notation, an IPv6 address in colon\-delimited notation, or a hostname\&. When the supplied
\fIserver\fR
argument is a hostname,
\fBmdig\fR
resolves that name before querying the name server\&.
.PP
\fBmdig\fR
provides a number of query options which affect the way in which lookups are made and the results displayed\&. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies\&.
.PP
Each query option is identified by a keyword preceded by a plus sign (+)\&. Some keywords set or reset an option\&. These may be preceded by the string
no
to negate the meaning of that keyword\&. Other keywords assign values to options like the timeout interval\&. They have the form
\fB+keyword=value\fR\&.
.SH "ANYWHERE OPTIONS"
.PP
The
\fB\-f\fR
option makes
\fBmdig\fR
operate in batch mode by reading a list of lookup requests to process from the file
\fIfilename\fR\&. The file contains a number of queries, one per line\&. Each entry in the file should be organized in the same way they would be presented as queries to
\fBmdig\fR
using the command\-line interface\&.
.PP
The
\fB\-h\fR
causes
\fBmdig\fR
to print the detailed help with the full list of options and exit\&.
.PP
The
\fB\-v\fR
causes
\fBmdig\fR
to print the version number and exit\&.
.SH "GLOBAL OPTIONS"
.PP
The
\fB\-4\fR
option forces
\fBmdig\fR
to only use IPv4 query transport\&.
.PP
The
\fB\-6\fR
option forces
\fBmdig\fR
to only use IPv6 query transport\&.
.PP
The
\fB\-b\fR
option sets the source IP address of the query to
\fIaddress\fR\&. This must be a valid address on one of the host\*(Aqs network interfaces or "0\&.0\&.0\&.0" or "::"\&. An optional port may be specified by appending "#"
.PP
The
\fB\-m\fR
option enables memory usage debugging\&.
.PP
The
\fB\-p\fR
option is used when a non\-standard port number is to be queried\&.
\fIport#\fR
is the port number that
\fBmdig\fR
will send its queries instead of the standard DNS port number 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
.PP
The global query options are:
.PP
\fB+[no]additional\fR
.RS 4
Display [do not display] the additional section of a reply\&. The default is to display it\&.
.RE
.PP
\fB+[no]all\fR
.RS 4
Set or clear all display flags\&.
.RE
.PP
\fB+[no]answer\fR
.RS 4
Display [do not display] the answer section of a reply\&. The default is to display it\&.
.RE
.PP
\fB+[no]authority\fR
.RS 4
Display [do not display] the authority section of a reply\&. The default is to display it\&.
.RE
.PP
\fB+[no]besteffort\fR
.RS 4
Attempt to display the contents of messages which are malformed\&. The default is to not display malformed answers\&.
.RE
.PP
\fB+[no]cl\fR
.RS 4
Display [do not display] the CLASS when printing the record\&.
.RE
.PP
\fB+[no]comments\fR
.RS 4
Toggle the display of comment lines in the output\&. The default is to print comments\&.
.RE
.PP
\fB+[no]continue\fR
.RS 4
Continue on errors (e\&.g\&. timeouts)\&.
.RE
.PP
\fB+[no]crypto\fR
.RS 4
Toggle the display of cryptographic fields in DNSSEC records\&. The contents of these field are unnecessary to debug most DNSSEC validation failures and removing them makes it easier to see the common failures\&. The default is to display the fields\&. When omitted they are replaced by the string "[omitted]" or in the DNSKEY case the key id is displayed as the replacement, e\&.g\&. "[ key id = value ]"\&.
.RE
.PP
\fB+dscp[=value]\fR
.RS 4
Set the DSCP code point to be used when sending the query\&. Valid DSCP code points are in the range [0\&.\&.63]\&. By default no code point is explicitly set\&.
.RE
.PP
\fB+[no]multiline\fR
.RS 4
Print records like the SOA records in a verbose multi\-line format with human\-readable comments\&. The default is to print each record on a single line, to facilitate machine parsing of the
\fBmdig\fR
output\&.
.RE
.PP
\fB+[no]question\fR
.RS 4
Print [do not print] the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&.
.RE
.PP
\fB+[no]rrcomments\fR
.RS 4
Toggle the display of per\-record comments in the output (for example, human\-readable key information about DNSKEY records)\&. The default is not to print record comments unless multiline mode is active\&.
.RE
.PP
\fB+[no]short\fR
.RS 4
Provide a terse answer\&. The default is to print the answer in a verbose form\&.
.RE
.PP
\fB+split=W\fR
.RS 4
Split long hex\- or base64\-formatted fields in resource records into chunks of
\fIW\fR
characters (where
\fIW\fR
is rounded up to the nearest multiple of 4)\&.
\fI+nosplit\fR
or
\fI+split=0\fR
causes fields not to be split at all\&. The default is 56 characters, or 44 characters when multiline mode is active\&.
.RE
.PP
\fB+[no]tcp\fR
.RS 4
Use [do not use] TCP when querying name servers\&. The default behavior is to use UDP\&.
.RE
.PP
\fB+[no]ttlid\fR
.RS 4
Display [do not display] the TTL when printing the record\&.
.RE
.PP
\fB+[no]ttlunits\fR
.RS 4
Display [do not display] the TTL in friendly human\-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days and weeks\&. Implies +ttlid\&.
.RE
.PP
\fB+[no]vc\fR
.RS 4
Use [do not use] TCP when querying name servers\&. This alternate syntax to
\fI+[no]tcp\fR
is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
.RE
.SH "LOCAL OPTIONS"
.PP
The
\fB\-c\fR
option sets the query class to
\fIclass\fR\&. It can be any valid query class which is supported in BIND 9\&. The default query class is "IN"\&.
.PP
The
\fB\-t\fR
option sets the query type to
\fItype\fR\&. It can be any valid query type which is supported in BIND 9\&. The default query type is "A", unless the
\fB\-x\fR
option is supplied to indicate a reverse lookup with the "PTR" query type\&.
.PP
Reverse lookups \(em mapping addresses to names \(em are simplified by the
\fB\-x\fR
option\&.
\fIaddr\fR
is an IPv4 address in dotted\-decimal notation, or a colon\-delimited IPv6 address\&.
\fBmdig\fR
automatically performs a lookup for a query name like
11\&.12\&.13\&.10\&.in\-addr\&.arpa
and sets the query type and class to PTR and IN respectively\&. By default, IPv6 addresses are looked up using nibble format under the IP6\&.ARPA domain\&.
.PP
The local query options are:
.PP
\fB+[no]aaflag\fR
.RS 4
A synonym for
\fI+[no]aaonly\fR\&.
.RE
.PP
\fB+[no]aaonly\fR
.RS 4
Sets the "aa" flag in the query\&.
.RE
.PP
\fB+[no]adflag\fR
.RS 4
Set [do not set] the AD (authentic data) bit in the query\&. This requests the server to return whether all of the answer and authority sections have all been validated as secure according to the security policy of the server\&. AD=1 indicates that all records have been validated as secure and the answer is not from a OPT\-OUT range\&. AD=0 indicate that some part of the answer was insecure or not validated\&. This bit is set by default\&.
.RE
.PP
\fB+bufsize=B\fR
.RS 4
Set the UDP message buffer size advertised using EDNS0 to
\fIB\fR
bytes\&. The maximum and minimum sizes of this buffer are 65535 and 0 respectively\&. Values outside this range are rounded up or down appropriately\&. Values other than zero will cause a EDNS query to be sent\&.
.RE
.PP
\fB+[no]cdflag\fR
.RS 4
Set [do not set] the CD (checking disabled) bit in the query\&. This requests the server to not perform DNSSEC validation of responses\&.
.RE
.PP
\fB+[no]cookie\fR\fB[=####]\fR
.RS 4
Send a COOKIE EDNS option, with optional value\&. Replaying a COOKIE from a previous response will allow the server to identify a previous client\&. The default is
\fB+nocookie\fR\&.
.RE
.PP
\fB+[no]dnssec\fR
.RS 4
Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query\&.
.RE
.PP
\fB+[no]edns[=#]\fR
.RS 4
Specify the EDNS version to query with\&. Valid values are 0 to 255\&. Setting the EDNS version will cause a EDNS query to be sent\&.
\fB+noedns\fR
clears the remembered EDNS version\&. EDNS is set to 0 by default\&.
.RE
.PP
\fB+[no]ednsflags[=#]\fR
.RS 4
Set the must\-be\-zero EDNS flags bits (Z bits) to the specified value\&. Decimal, hex and octal encodings are accepted\&. Setting a named flag (e\&.g\&. DO) will silently be ignored\&. By default, no Z bits are set\&.
.RE
.PP
\fB+[no]ednsopt[=code[:value]]\fR
.RS 4
Specify EDNS option with code point
\fBcode\fR
and optionally payload of
\fBvalue\fR
as a hexadecimal string\&.
\fB+noednsopt\fR
clears the EDNS options to be sent\&.
.RE
.PP
\fB+[no]expire\fR
.RS 4
Send an EDNS Expire option\&.
.RE
.PP
\fB+[no]nsid\fR
.RS 4
Include an EDNS name server ID request when sending a query\&.
.RE
.PP
\fB+[no]recurse\fR
.RS 4
Toggle the setting of the RD (recursion desired) bit in the query\&. This bit is set by default, which means
\fBmdig\fR
normally sends recursive queries\&.
.RE
.PP
\fB+retry=T\fR
.RS 4
Sets the number of times to retry UDP queries to server to
\fIT\fR
instead of the default, 2\&. Unlike
\fI+tries\fR, this does not include the initial query\&.
.RE
.PP
\fB+[no]subnet=addr[/prefix\-length]\fR
.RS 4
Send (don\*(Aqt send) an EDNS Client Subnet option with the specified IP address or network prefix\&.
.sp
\fBmdig +subnet=0\&.0\&.0\&.0/0\fR, or simply
\fBmdig +subnet=0\fR
for short, sends an EDNS client\-subnet option with an empty address and a source prefix\-length of zero, which signals a resolver that the client\*(Aqs address information must
\fInot\fR
be used when resolving this query\&.
.RE
.PP
\fB+timeout=T\fR
.RS 4
Sets the timeout for a query to
\fIT\fR
seconds\&. The default timeout is 5 seconds for UDP transport and 10 for TCP\&. An attempt to set
\fIT\fR
to less than 1 will result in a query timeout of 1 second being applied\&.
.RE
.PP
\fB+tries=T\fR
.RS 4
Sets the number of times to try UDP queries to server to
\fIT\fR
instead of the default, 3\&. If
\fIT\fR
is less than or equal to zero, the number of tries is silently rounded up to 1\&.
.RE
.PP
\fB+udptimeout=T\fR
.RS 4
Sets the timeout between UDP query retries\&.
.RE
.PP
\fB+[no]unknownformat\fR
.RS 4
Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&.
.RE
.PP
\fB+[no]zflag\fR
.RS 4
Set [do not set] the last unassigned DNS header flag in a DNS query\&. This flag is off by default\&.
.RE
.SH "SEE ALSO"
.PP
\fBdig\fR(1),
RFC1035\&.
.SH "AUTHOR"
.PP
\fBInternet Systems Consortium, Inc\&.\fR
.SH "COPYRIGHT"
.br
Copyright \(co 2015-2019 Internet Systems Consortium, Inc. ("ISC")
.br