ldns-walk man page

ldns-walk — Retrieve the contents of a DNSSEC signed zone

Synopsis

ldns-walk [ OPTION ] ZONE

Description

ldns-walk is used to retrieve the contents of a DNSSEC signed zone. It does this through NSEC-walking (following the chain of NSEC records) and 'guessing' the next non-existent owner name for each NSEC.

Note that it might get stuck on some wildcard records when used through a caching forwarder. This problem can be circumvented by querying the authoritative nameserver directly (with the @ argument).

Of course the nameserver that is used must be DNSSEC-aware.

Options

-4
Use only IPv4.
-6
Use only IPv6.
-f
Do a 'full' zone walk; by default, ldns-walk will only show the names, and types present at those names. If this option is given, all resource records will be printed.
-s name
Start the walk with this owner name. Useful when continuing the walk for a large zone.
-v verbosity
Verbosity level [1-5].
@ nameserver
Send the queries to this nameserver.

Bugs

The full zone walk function is not complete yet, it does not correctly print delegation records

Author

Written by Jelte Jansen as an example for ldns usage.

Reporting Bugs

Report bugs to <ldns-team@nlnetlabs.nl>.

Info

21 Nov 2005