From: Barry Finkel (b19141@ACHILLES.CTD.ANL.GOV)
Date: Fri Apr 23 2004 - 15:12:43 EDT
> from the NT box run nslookup, you should see something like this:
>
>( of course mine is UNIX so consider this)
nslookup is NOT the tool to use for DNS debugging. It has some
problems that make it hard to determine a DNS problem.
Use the BIND-supplied utility "dig" instead.
For example, most implementations of nslookup REQUIRE that the name
server being queried have a reverse entry in DNS. If not, then nslookup
will refuse to query that DNS server and quit with a cryptic error
message. Also, without the "-debug" (or is it "-d") option, nslookup
will display sections of the DNS packet without denoting what they
are. I can query DNS for an MX record, and nslookup will display
an SOA record, without telling the user that there were no MX records
(i.e., no answer section in the DNS response packet) and then
displaying the SOA record from the authority or additional sections
of the DNS response packet.
The dig utility will display the contents of each of the sections in
the DNS response packet. I have no idea if dig is supplied with BIND
in a standard AIX installation.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel@anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:51 EDT