12.3 Option Settings
nslookup has its own
set of dials and knobs, called option
settings. All of the option settings can be changed.
We'll discuss here what each of the options means, and
we'll use the rest of the chapter to show you how to use them.
% nslookup
Default Server: bladerunner.fx.movie.edu
Address: 0.0.0.0
> set all
Default Server: bladerunner.fx.movie.edu
Address: 0.0.0.0
Set options:
nodebug defname search recurse
nod2 novc noignoretc port=53
querytype=A class=IN timeout=5 retry=4
root=a.root-servers.net.
domain=fx.movie.edu
srchlist=fx.movie.edu
> ^D
Before we get into the options, we need to cover the introductory
lines. The default name server is bladerunner.fx.movie.edu. This means
that nslookup will query bladerunner unless we specify another
name server. The address 0.0.0.0 means "this host." When
nslookup is using address 0.0.0.0 or 127.0.0.1
as its name server, it is using the server running on the local
system—in this case, bladerunner.
The options come in two flavors: Boolean and value. The options that
do not have an equals sign after them are Boolean options. They have
the interesting property of being either "on" or
"off." The value options can take on different, well,
values. How can we tell which Boolean options are on and which are
off? The option is off when a "no" precedes the
option's name. nodebug means that debugging is
off. As you might guess, the searchoption is on.
How you change Boolean or value options depends on whether you are
using nslookup interactively or not. In an
interactive session, you change an option with
the
set command, as in set
debug or set
domain=classics.movie.edu. From the command line, you omit
the word set and precede the option with a
hyphen, as in nslookup -debug or
nslookup -domain=classics.movie.edu. The options
can be abbreviated to their shortest unique prefix, e.g.,
nodeb for nodebug. In addition to
its abbreviation, the querytype option can also be
called simply type.
Let's go through each of the options:
- [no]debug
Debugging is turned off by default. If it
is turned on, the name server shows timeouts and displays the
response messages. See [no]d2 for a discussion of
debug level 2.
- [no]defname
By default,
nslookup adds the local domain name to names
without a dot in them. Before search lists existed, the BIND resolver
code only added the local domain name to names without
any dots in them; this option reflects that
behavior. nslookup can implement the pre-search
list behavior (with search off and
defname on) or the search list behavior (with
search on).
- [no]search
The search option supersedes the local
domain name (defname) option. That is,
defname applies only if search is
turned off. By default, nslookup appends the
domain names in the search list (srchlist) to names
that don't end in a dot.
- [no]recurse
nslookup sends
recursive queries by default. This turns on the recursion-desired bit
in query messages. The BIND resolver sends recursive queries in the
same way. Name servers, however, send out nonrecursive queries to
other name servers.
- [no]d2
Debugging at level 2 is turned off by
default. If it is turned on, you see the query messages sent out in
addition to the regular debugging output. Turning on
d2 also turns on debug. Turning off
d2 turns off d2 only;
debug is left on. Turning off debug
turns off both debug and d2.
- [no]vc
By default, nslookup
sends queries using UDP datagrams instead of over a Virtual Circuit
(TCP). Most BIND resolvers send queries over UDP, so the default
nslookup behavior matches the resolver. As the
resolver can be instructed to use TCP, so can
nslookup.
- [no]ignoretc
By default,
nslookup doesn't ignore truncated
messages. If a message is received that has the
"truncated" bit set—indicating that the name server
couldn't fit all the important information in the UDP response
datagram—nslookup doesn't ignore it;
it retries the query using a TCP connection instead of UDP. Again,
this matches the BIND resolver's behavior. The reason for
retrying the query using a TCP connection is that TCP responses can
be many times as large as UDP responses.
- port=53
Name
servers listen on port 53. You can start a name server on another
port—for debugging purposes, for example—and
nslookup can be directed to use that port.
- querytype=A
By default,
nslookup looks up A (address) resource record
types. In addition, if you type in an IP address (and the
nslookup query type is A or PTR), then
nslookup will invert the address, append
in-addr.arpa, and look up
PTR records instead.
- class=IN
The only class that matters is Internet
(IN). Well, there is the Hesiod (HS) class, too, if you are an MITer
or run Ultrix.
- timeout=5
If the name server doesn't respond
within 5 seconds, nslookup resends the query and
doubles the timeout (to 10, 20, and then 40 seconds). Most BIND
resolvers use the same timeouts when querying a single name server.
- retry=4
Send the
query four times before giving up. After each retry, the timeout
value is doubled. Again, this matches most BIND resolvers'
behavior.
- root=a.root-servers.net.
There
is a convenience command called root that
switches your default name server to the server named here. Executing
the root command from a modern
nslookup's prompt is equivalent to
executing server a.root-servers.net. Older
versions use nic.ddn.mil(old) or even sri-nic.arpa (ancient) as the default
root name server. You can change the default "root"
server with set root=server.
- domain=fx.movie.edu
This is the default domain name to append
if the defname option is on.
- srchlist=fx.movie.edu
If search is on, these are the domain names appended
to names that do not end in a dot. The domain names are listed in the
order in which they are tried, separated by a slash. (The BIND 4.8.3
nslookup's search list would have
defaulted to fx.movie.edu/movie.edu. With 4.9
and later versions, nslookup's default
search list includes only the default domain name. You have to explicitly set the search list in
/etc/resolv.conf to get both fx.movie.edu and movie.edu.)
12.3.1 The .nslookuprc File
You can set up new default nslookup options in
an .nslookuprc file.
nslookup looks for an
.nslookuprc file in your home directory when it
starts up, in both interactive and noninteractive modes. The
.nslookuprc file can contain any legal
set commands, one per line. This is useful, for
example, if your old nslookup still thinks
sri-nic.arpa is a root name
server. You can set the default root name server to a real, current
root with a line like this in your .nslookuprc
file:
set root=a.root-servers.net.
You might also use .nslookuprc to set your
search list to something other than your host's default search
list or to change the timeouts nslookup
uses.
|
