Unix/Linux Go Back    

CentOS 7.0 - man page for unbound-host (centos section 1)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)

unbound-host(1) 			  unbound 1.4.20			  unbound-host(1)

       unbound-host - unbound DNS lookup utility

       unbound-host  [-vdhr46]	[-c class] [-t type] hostname [-y key] [-f keyfile] [-F namedkey-
       file] [-C configfile]

       Unbound-host uses the unbound validating resolver to query for the  hostname  and  display
       results.  With the -v option it displays validation status: secure, insecure, bogus (secu-
       rity failure).

       By default it reads no configuration file whatsoever.  It attempts to reach  the  internet
       root servers.  With -C an unbound config file and with -r resolv.conf can be read.

       The available options are:

	      This  name is resolved (looked up in the DNS).  If a IPv4 or IPv6 address is given,
	      a reverse lookup is performed.

       -h     Show the version and commandline option help.

       -v     Enable verbose output and it shows validation results, on every line.  Secure means
	      that  the  NXDOMAIN  (no	such domain name), nodata (no such data) or positive data
	      response validated correctly with one of the keys.  Insecure means that that domain
	      name  has  no  security  set  up	for  it.  Bogus (security failure) means that the
	      response failed one or more checks, it is likely wrong, outdated, tampered with, or

       -d     Enable  debug  output  to  stderr. One -d shows what the resolver and validator are
	      doing and may tell you what is going on. More times, -d -d, gives a lot of  output,
	      with every packet sent and received.

       -c class
	      Specify the class to lookup for, the default is IN the internet class.

       -t type
	      Specify  the type of data to lookup. The default looks for IPv4, IPv6 and mail han-
	      dler data, or domain name pointers for reverse queries.

       -y key Specify a public key to use as trust anchor. This is the base for a chain of  trust
	      that  is	built  up from the trust anchor to the response, in order to validate the
	      response message. Can be given as a DS or DNSKEY record.	 For  example  -y  "exam-
	      ple.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD".

       -f keyfile
	      Reads  keys from a file. Every line has a DS or DNSKEY record, in the format as for
	      -y. The zone file format, the same as dig and drill produce.

       -F namedkeyfile
	      Reads keys from a BIND-style named.conf file. Only the trusted-key {}; entries  are

       -C configfile
	      Uses the specified unbound.conf to prime libunbound(3).

       -r     Read /etc/resolv.conf, and use the forward DNS servers from there (those could have
	      been set by DHCP).  More	info  in  resolv.conf(5).   Breaks  validation	if  those
	      servers do not support DNSSEC.

       -4     Use solely the IPv4 network for sending packets.

       -6     Use solely the IPv6 network for sending packets.

       Some  examples  of use. The keys shown below are fakes, thus a security failure is encoun-

       $ unbound-host www.example.com

       $ unbound-host -v -y "example.com DS 31560 5  1	1CFED84787E6E19CCF9372C1187325972FE546CD"

       $  unbound-host	-v -y "example.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD"

       The unbound-host program exits with status code 1 on error, 0 on no error.  The	data  may
       not be available on exit code 0, exit code 1 means the lookup encountered a fatal error.

       unbound.conf(5), unbound(8).

NLnet Labs				   Mar 21, 2013 			  unbound-host(1)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 03:16 PM.