Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: BIND and dig errors
Top Forums UNIX for Dummies Questions & Answers BIND and dig errors Post 12045 by sam_pointer on Tuesday 18th of December 2001 09:46:40 AM
Old 12-18-2001
Perhaps I'm missing something fundemental to DNS name resolution here. If I've only got my own local Nameserver in the resolv.conf and that has no information about www.yahoo.com (or anything else for that matter), why does it not transcend all the way down to the root nameservers (which it knows about through the root hints file - the addresses are valid I can ping them) and get me a valid answer by issuing iterative queries to Nameservers until it finds an authoritative answer?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

dig

what is dig? Is it just a advanced type of nslookup? how to use it? //nicke:confused: (1 Reply)
Discussion started by: nicke30
1 Replies

2. Shell Programming and Scripting

New to UNIX - what script to dig into to

First I would like to thank you for your time in running a great Forum! Background - Windows/ASP/VB COM/SQL Server programmer/Webmaster. Desire - To build similar skillset on UNIX. I am looking at learning Perl or Python (maybe Jython due to connection to Java). I have a brief background... (3 Replies)
Discussion started by: nimrod
3 Replies

3. UNIX for Dummies Questions & Answers

linux dig command

When I use the linux dig command such as #dig yahoo.com it resolves but when I use the same command as root it gives me error "Segmentation Fault" Please advise I am completly baffled. (1 Reply)
Discussion started by: Tirmazi
1 Replies

4. Solaris

Errors compiling Bind

Hi all, Apologies if this is the wrong forum for this question, if it is, could some one point me to the right one please. I am trying to compile bind-9.5.1b1 on Solaris 10 Get the error when try to configure: checking for OpenSSL library... using OpenSSL from /usr/local/lib and... (5 Replies)
Discussion started by: callmebob
5 Replies

5. UNIX for Dummies Questions & Answers

Dig command output?

all, i am newbie to dns bind . Any help is very appreciated. I am using dig command to view the records in the config. I am expecting the following comamnds to display all the A (Address records) in the zone data file. my zone data file looks like this ------------------- $ORIGIN . $TTL... (2 Replies)
Discussion started by: sujathab
2 Replies

6. UNIX for Dummies Questions & Answers

dig query time

Hi Guys, I just need a confirmation if what think i know is right . dig yahoo.com ; <<>> DiG 9.7.0-P1 <<>> yahoo.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27410 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ... (1 Reply)
Discussion started by: mtomar
1 Replies

7. IP Networking

The dig command

Can I use two different DNS servers in the one command in the form of primary and secondary. Take this for example: dig @<primaryAddress> @<secondaryAddress> MX domain.tld So if primary address is down, it will use the secondary address as a backup. It seems to work when testing, but thought... (1 Reply)
Discussion started by: neil_is_ere
1 Replies

8. UNIX for Advanced & Expert Users

DIG uses localhost

Hi, I have these entries in the /etc/esolv.conf: ------------ domain xxxxxx search yyyyyy nameserver 127.0.0.1 nameserver aaaaaaaaaaaaaaaa nameserver bbbbbbbbbbbbbbbb ------------- When I use 'dig' or 'nslookup' command, like 'dig yahoo.com' it uses the localhost as the server. I... (2 Replies)
Discussion started by: chaandana
2 Replies

9. Shell Programming and Scripting

Dig match

Hi, I am testing some code to match a grep to see if one of the dns server exists but it does not seem to match: ERROR: ======= CRITICAL: google.com DNS : ns3.google.com NOT found CODE: ===== if ; then echo "OK: google.com DNS : ns3.google.com exists" else echo... (5 Replies)
Discussion started by: dmccabe
5 Replies

10. Shell Programming and Scripting

Perl dig script

Experts - I was hoping someone could help me out with the logic on this perl script. I'm trying to run some dig commands and parse in such a way as to group them together. Here's what I have so far. #!/usr/bin/perl system(clear); my @host = qw/yahoo.com google.com /; foreach... (2 Replies)
Discussion started by: timj123
2 Replies

LEARN ABOUT DEBIAN

softhsm-keyconv

SOFTHSM-KEYCONV(1)					      General Commands Manual						SOFTHSM-KEYCONV(1)

NAME

       softhsm-keyconv - converting between BIND and PKCS#8 key file formats

SYNOPSIS

       softhsm-keyconv --topkcs8 --in path --out path [--pin PIN]
       softhsm-keyconv --tobind --in path [--pin PIN] 
	      --name name [--ttl ttl --ksk] --algorithm algorithm

DESCRIPTION

       softhsm-keyconv	can  convert  between  BIND .private-key files and the PKCS#8 file format.  This is so that you can import the PKCS#8 file
       into libsofthsm using the command softhsm.  If you have another file format, then openssl probably can help you	to  convert  it  into  the
       PKCS#8 file format.

       The following files will be created when converting to BIND file format:

       Kname+alg_id+key_tag.key
	      Public key in RR format

       Kname+alg_id+key_tag.private
	      Private key in BIND key format

       The three parts of the file name means the following:

	      name   The owner name given by the --name argument.

	      alg_id A numeric representation of the --algorithm argument.

	      key_tag
		     Is a checksum of the DNSKEY RDATA.

OPTIONS

       --topkcs8
	      Convert from BIND .private-key format to PKCS#8.
	      Use with --in, --out, and --pin.

       --tobind
	      Convert from PKCS#8 to BIND .private-key format.
	      Use with --in, --pin, --name, --ttl, --ksk, and --algorithm.

       --algorithm algorithm
	      Specifies which DNSSEC algorithm to use when converting to BIND format.  The supported algorithms are:
		     RSAMD5
		     DSA
		     RSASHA1
		     RSASHA1-NSEC3-SHA1
		     DSA-NSEC3-SHA1
		     RSASHA256
		     RSASHA512

       --help, -h
	      Shows the help screen.

       --in path
	      The path to the input file.

       --ksk  This will set the flag field to 257 instead of 256 in the DNSKEY RR in the .key file.  Indicating that the key is a Key Signing Key.
	      Can be used when converting to BIND format.

       --name name
	      The owner name to use in the BIND file name and in the DNSKEY RR.  Do not forget the trailing dot, e.g. "example.com."

       --out path
	      The path to the output file.

       --pin PIN
	      The PIN will be used to encrypt or decrypt the PKCS#8 file depending if we are converting to or from PKCS#8.  If not given then  the
	      PKCS#8 file is assumed to be unencrypted.

       --ttl TTL
	      The TTL to use for the DNSKEY RR.  Optional, this will default to 3600 seconds.

       --version, -v
	      Show the version info.

EXAMPLES

       To convert a BIND .private-key file to a PKCS#8 file, the following command can be used:

	      softhsm-keyconv --in Kexample.com.+007+05474.private 
		     --out rsa.pem

       To convert a PKCS#8 file to BIND key files, the following command can be used:

	      softhsm-keyconv --in rsa.pem --name example.com. 
		     --ksk --algorithm RSASHA1-NSEC3-SHA1

AUTHOR

       Written by Rickard Bellgrim.

SEE ALSO

       softhsm(1), softhsm.conf(5), openssl(1), named(1), dnssec-keygen(1), dnssec-signzone(1)

SoftHSM 							 21 December 2009						SOFTHSM-KEYCONV(1)
All times are GMT -4. The time now is 08:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy