 |  |
12.3. Option Settings
nslookup has its own set of dials and knobs, called option settings. All of the option settings can be changed. We'll discuss here what each of the options means, and we'll use the rest of the chapter to show you how to use them.
Before we get into the options, we need to cover the introductory lines. The default name server is bladerunner.fx.movie.edu. This means that nslookup will query bladerunner unless we specify another name server. The address 0.0.0.0 means "this host." When nslookup is using address 0.0.0.0 or 127.0.0.1 as its name server, it is using the server running on the local system -- in this case, bladerunner.% nslookup Default Server: bladerunner.fx.movie.edu Address: 0.0.0.0 > set all Default Server: bladerunner.fx.movie.edu Address: 0.0.0.0 Set options: nodebug defname search recurse nod2 novc noignoretc port=53 querytype=A class=IN timeout=5 retry=4 root=a.root-servers.net. domain=fx.movie.edu srchlist=fx.movie.edu > ^D
The options come in two flavors: Boolean and value. The options that do not have an equals sign after them are Boolean options. They have the interesting property of being either "on" or "off." The value options can take on different, well, values. How can we tell which Boolean options are on and which are off? The option is off when a "no" precedes the option's name. nodebug means that debugging is off. As you might guess, the searchoption is on.
How you change Boolean or value options depends on whether you are using nslookup interactively or not. In an interactive session, you change an option with the set command, as in set debug or set domain=classics.movie.edu. From the command line, you omit the word set and precede the option with a hyphen, as in nslookup -debug or nslookup -domain=classics.movie.edu. The options can be abbreviated to their shortest unique prefix, e.g., nodeb for nodebug. In addition to its abbreviation, the querytype option can also be called simply type.
Let's go through each of the options:
- [no]debug
- Debugging is turned off by default. If it is turned on, the name server shows timeouts and displays the response messages. See [no]d2 for a discussion of debug level 2.
- [no]defname
- By default, nslookup adds the local domain name to names without a dot in them. Before search lists existed, the BIND resolver code only added the local domain name to names without any dots in them; this option reflects that behavior. nslookup can implement the pre-search list behavior (with search off and defname on) or the search list behavior (with search on).
- [no]search
- The search option supersedes the local domain name (defname) option. That is, defname applies only if search is turned off. By default, nslookup appends the domain names in the search list (srchlist) to names that don't end in a dot.
- [no]recurse
- nslookup sends recursive queries by default. This turns on the recursion-desired bit in query messages. The BIND resolver sends recursive queries in the same way. Name servers, however, send out nonrecursive queries to other name servers.
- [no]d2
- Debugging at level 2 is turned off by default. If it is turned on, you see the query messages sent out in addition to the regular debugging output. Turning on d2 also turns on debug. Turning off d2 turns off d2 only; debug is left on. Turning off debug turns off both debug and d2.
- [no]vc
- By default, nslookup sends queries using UDP datagrams instead of over a Virtual Circuit (TCP). Most BIND resolvers send queries over UDP, so the default nslookup behavior matches the resolver. As the resolver can be instructed to use TCP, so can nslookup.
- [no]ignoretc
- By default, nslookup doesn't ignore truncated messages. If a message is received that has the "truncated" bit set -- indicating that the name server couldn't fit all the important information in the UDP response datagram -- nslookup doesn't ignore it; it retries the query using a TCP connection instead of UDP. Again, this matches the BIND resolver's behavior. The reason for retrying the query using a TCP connection is that TCP responses can be many times as large as UDP responses.
- port=53
- Name servers listen on port 53. You can start a name server on another port -- for debugging purposes, for example -- and nslookup can be directed to use that port.
- querytype=A
- By default, nslookup looks up A (address) resource record types. In addition, if you type in an IP address (and the nslookup query type is A or PTR), then nslookup will invert the address, append in-addr.arpa, and look up PTR records instead.
- class=IN
- The only class that matters is Internet (IN). Well, there is the Hesiod (HS) class, too, if you are an MITer or run Ultrix.
- timeout=5
- If the name server doesn't respond within 5 seconds, nslookup resends the query and doubles the timeout (to 10, 20, and then 40 seconds). Most BIND resolvers use the same timeouts when querying a single name server.
- retry=4
- Send the query four times before giving up. After each retry, the timeout value is doubled. Again, this matches most BIND resolvers' behavior.
- root=a.root-servers.net.
- There is a convenience command called root that switches your default name server to the server named here. Executing the root command from a modern nslookup's prompt is equivalent to executing server a.root-servers.net. Older versions use nic.ddn.mil(old) or even sri-nic.arpa (ancient) as the default root name server. You can change the default "root" server with set root=server.
- srchlist=fx.movie.edu
- If search is on, these are the domain names appended
to names that do not end in a dot. The domain names are listed in the
order in which they are tried, separated by a slash. (The BIND 4.8.3
nslookup's search list would have
defaulted to fx.movie.edu/movie.edu. With 4.9
and later versions, nslookup's default
search list includes only the default domain name.[95] You have to explicitly set the search list in
/etc/resolv.conf to get both fx.movie.edu and movie.edu.)
[95]This gives you an easy way to determine which version of nslookup you're running: type set all and check whether the default search list includes just the local domain name (BIND 4.9 or later) or ancestor domain names, too (BIND 4.8.3 or earlier).
12.3.1. The .nslookuprc File
You can set up new default nslookup options in an .nslookuprc file. nslookup looks for an .nslookuprc file in your home directory when it starts up, in both interactive and noninteractive modes. The .nslookuprc file can contain any legal set commands, one per line. This is useful, for example, if your old nslookup still thinks sri-nic.arpa is a root name server. You can set the default root name server to a real, current root with a line like this in your .nslookuprc file:
You might also use .nslookuprc to set your search list to something other than your host's default search list or to change the timeouts nslookup uses.set root=a.root-servers.net.
|  | |
| 12.2. Interactive Versus Noninteractive |  | 12.4. Avoiding the Search List |
