Description

dnstrace searches for all DNS servers that can affect the resolution of records of type t under the domain name fqdn, starting from the root content DNS server(s) s.

It uses the standard DNS resolution algorithm, but follows all possible paths in the algorithm. It prints all responses it receives from content DNS servers; it also prints warnings about slow servers, dead servers, misdelegated ("lame") servers, and misformatted packets.

Beware that complete traces are large and incur non-trivial network traffic. As of January 2001, dnstrace produces more than 5 megabytes of output for the complete trace of cr.yp.to starting from all of the root servers. It ends up sending more than 6000 queries to more than 200 different servers.

The output of dnstrace is machine-parseable. To convert it to human-readable form, pass it through dnstracesort(1).

History

dnstrace was originally part of Daniel J. Bernstein's djbdns toolset in 2000.

Author

Original code and documentation by Daniel J. Bernstein. Documentation modernizations by Jonathan de Boyne Pollard.