BIND 9.3.0rc4 is now available.

Mark Andrews Mark_Andrews at isc.org
Wed Sep 8 00:16:10 UTC 2004 

> In article <chgm4d$1l44$1 at sf1.isc.org>,
> Barry Margolin  <barmar at alum.mit.edu> wrote:
> >In article <chfgcf$26g5$1 at sf1.isc.org>, Tom Diehl <tdiehl at rogueind.com> 
> >wrote:
> >
> >> On Sat, 5 Sep 2004, Paul Vixie wrote:
> >> 
> >> > Barry Margolin <barmar at alum.mit.edu> writes:
> >> > 
> >> > > > ...  use dig instead.  but we have to keep shipping [nslookup].
> >> > > 
> >> > > There are undoubtedly many scripts out there that use it, too.  It
> >> > > wouldn't be nice to break all of them just because there are better to
> ols
> >> > > available (e.g. awk hasn't been deprecated just because things like Pe
> rl
> >> > > and Python make it redundant).
> >> > 
> >> > nslookup isn't redundant.  it's Evil.
> >> 
> >> Is there a document somewhere that gives specifics of why nslookup is evil
> ?
> >> I have been told this many times by various people but I have never actual
> ly
> >> seen an explaination of the issues. FWIW I use dig and I am not sure I eve
> n
> >> remember how to use nslookup anymore but I am courious.
> >
> >I don't know an official document, but here are some of the obvious 
> >problems.
> >
> >nslookup gives misleading error messages, often conflating different 
> >errors into the same message.  For instance, it will tell you that a 
> >name doesn't exist when it really means that the name doesn't have 
> >records of the requested type.
> >
> >It has this really annoying requirement that the server named on the 
> >command line (or the default server, if none was requested explicitly) 
> >be able to reverse-resolve its own address.  This is problematic when 
> >you're querying a non-recursive server that doesn't happen to host the 
> >reverse domain containing its address.
> >
> >It doesn't distinguish the sections that records appear in.
> >
> >Some of these problems can be worked around by enabling its debugging 
> >mode, so that it shows the decoded queries and responses.  But these are 
> >much more verbose than dig, providing little extra information (it's 
> >actually the same as using dig's +debug option).
> 
> I think that some of these problems no longer exist in the nslookup that
> ships with Bind 9.  I believe that the default server does not have to
> reverse-resolve.  One place where nslookup is good is when you need to
> find the addresses of a bunch of machines.  You can just type 'nslookup'
> and let it prompt you and then start feeding it machine names.  If someone
> would have added this interactive user interface to dig or host, it would
> have been easier to get rid of nslookup.

	You appear to be unaware of the dig's capabilities.

% dig +search +noall +answer -f -
drugs
drugs.dv.isc.org.       86400   IN      A       192.168.191.236
farside
farside.isc.org.        3600    IN      A       204.152.187.5
% 

> >
> >-- 
> >Barry Margolin, barmar at alum.mit.edu
> >Arlington, MA
> >*** PLEASE post questions in newsgroups, not directly to me ***
> >
> -- 
> Tom Schulz
> schulz at adi.com
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list