BIND 9.3.0rc4 is now available.
Mark Andrews
Mark_Andrews at isc.org
Wed Sep 8 00:16:10 UTC 2004
> In article <chgm4d$1l44$1 at sf1.isc.org>,
> Barry Margolin <barmar at alum.mit.edu> wrote:
> >In article <chfgcf$26g5$1 at sf1.isc.org>, Tom Diehl <tdiehl at rogueind.com>
> >wrote:
> >
> >> On Sat, 5 Sep 2004, Paul Vixie wrote:
> >>
> >> > Barry Margolin <barmar at alum.mit.edu> writes:
> >> >
> >> > > > ... use dig instead. but we have to keep shipping [nslookup].
> >> > >
> >> > > There are undoubtedly many scripts out there that use it, too. It
> >> > > wouldn't be nice to break all of them just because there are better to
> ols
> >> > > available (e.g. awk hasn't been deprecated just because things like Pe
> rl
> >> > > and Python make it redundant).
> >> >
> >> > nslookup isn't redundant. it's Evil.
> >>
> >> Is there a document somewhere that gives specifics of why nslookup is evil
> ?
> >> I have been told this many times by various people but I have never actual
> ly
> >> seen an explaination of the issues. FWIW I use dig and I am not sure I eve
> n
> >> remember how to use nslookup anymore but I am courious.
> >
> >I don't know an official document, but here are some of the obvious
> >problems.
> >
> >nslookup gives misleading error messages, often conflating different
> >errors into the same message. For instance, it will tell you that a
> >name doesn't exist when it really means that the name doesn't have
> >records of the requested type.
> >
> >It has this really annoying requirement that the server named on the
> >command line (or the default server, if none was requested explicitly)
> >be able to reverse-resolve its own address. This is problematic when
> >you're querying a non-recursive server that doesn't happen to host the
> >reverse domain containing its address.
> >
> >It doesn't distinguish the sections that records appear in.
> >
> >Some of these problems can be worked around by enabling its debugging
> >mode, so that it shows the decoded queries and responses. But these are
> >much more verbose than dig, providing little extra information (it's
> >actually the same as using dig's +debug option).
>
> I think that some of these problems no longer exist in the nslookup that
> ships with Bind 9. I believe that the default server does not have to
> reverse-resolve. One place where nslookup is good is when you need to
> find the addresses of a bunch of machines. You can just type 'nslookup'
> and let it prompt you and then start feeding it machine names. If someone
> would have added this interactive user interface to dig or host, it would
> have been easier to get rid of nslookup.
You appear to be unaware of the dig's capabilities.
% dig +search +noall +answer -f -
drugs
drugs.dv.isc.org. 86400 IN A 192.168.191.236
farside
farside.isc.org. 3600 IN A 204.152.187.5
%
> >
> >--
> >Barry Margolin, barmar at alum.mit.edu
> >Arlington, MA
> >*** PLEASE post questions in newsgroups, not directly to me ***
> >
> --
> Tom Schulz
> schulz at adi.com
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list