using in.named and named.boot on BIND V8
Brad Knowles
brad.knowles at skynet.be
Fri May 25 17:42:29 UTC 2001
At 1:00 PM -0400 5/25/01, Joseph S D Yao wrote:
> The 'nslookup' program is a great little program for translating names
> to IP addresses and back ONCE DNS IS WORKING PROPERLY.
I cannot disagree more strongly with this statement. The
"nslookup" program does not use the standard resolver routines, and
violates virtually every principle I know of with regards to using
the resolver and the DNS protocol the same way that "regular"
programs do.
This is what makes it such an incredibly piss-poor tool for a
human being to use to try to figure out what might be wrong with
their nameserver.
Now, for experienced domain administrators who are familiar with
all the weakenesses of "nslookup", and understand the proper context
in which the tool can be used, it's not too bad -- but "dig" is much
better.
However, it is precisely for the less experienced person that
"nslookup" is the worst possible tool to use -- it *SEEMS* simple to
use, and hides a lot of apparent complexity, but the reality of it is
that this tool seriously screws up far too many things under the hood
and is quite easily capable of gravely misrepresenting the results.
I have to assume that it is for reasons like this that "nslookup"
is completely gone from more recent versions of BIND. Good riddance!
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list