DNSLint, which we introduced back in Chapter 8, can also come in handy when you're troubleshooting. In Chapter 8, we mostly used it to verify the registration of records by Domain Controllers. But DNSLint can also come in handy in detecting delegation problems, as we showed in Chapter 9.
To use DNSLint to check delegation, use the /d command-line option. Specify the domain name of the zone whose delegation you'd like to check as the argument. For example:
C:\> dnslint /d movie.edu
This produces a report on movie.edu's delegation, displayed in a browser window. If you're checking a zone that's not registered on the InterNIC's whois servers (i.e., a subdomain of com or net), you'll also need to specify the /s option and, as an argument, the IP address of a name server authoritative for the zone.
By default, DNSLint checks DNS over UDP. You can instruct it to test DNS over TCP, too, using the /test_tcp option.
Finally, you can use the /c option to tell DNSLint to check connectivity to the mail ports (SMTP, POP, and IMAP, by default) on the mail servers it finds for the zone. If you don't want it to check all three, you can enumerate the protocols to check after the option; for example:
C:\> dnslint /d movie.edu /c smtp,imap
Here's some sample DNSLint output (in text format, generated using /t):
DNSLint Report System Date: Sat Jul 05 18:58:05 2003 Command run: dnslint /d fx.movie.edu /t /s 192.253.254.2 /c smtp Domain name tested: fx.movie.edu DNS servers were identified as authoritative for the domain: DNS server: bladerunner.fx.movie.edu IP Address: 192.253.254.2 UDP port 53 responding to queries: YES TCP port 53 responding to queries: Not tested Answering authoritatively for domain: YES SOA record data from server: Authoritative name server: bladerunner.fx.movie.edu Hostmaster: administrator.fx.movie.edu Zone serial number: 10 Zone expires in: 1.00 day(s) Refresh period: 900 seconds Retry delay: 600 seconds Default (minimum) TTL: 3600 seconds Additional authoritative (NS) records from server: outland.fx.movie.edu 192.253.254.3 bladerunner.fx.movie.edu 192.253.254.2 Mail Exchange (MX) records from server (preference/name/IP address): 100 wormhole.movie.edu 192.253.253.1 10 starwars.fx.movie.edu 192.253.254.4 DNS server: outland.fx.movie.edu IP Address: 192.253.254.3 UDP port 53 responding to queries: YES TCP port 53 responding to queries: Not tested Answering authoritatively for domain: YES SOA record data from server: Authoritative name server: bladerunner.fx.movie.edu Hostmaster: administrator.fx..movie.edu Zone serial number: 10 Zone expires in: 1.00 day(s) Refresh period: 900 seconds Retry delay: 600 seconds Default (minimum) TTL: 3600 seconds Additional authoritative (NS) records from server: outland.fx.movie.edu 192.253.254.3 bladerunner.fx.movie.edu 192.253.254.2 Mail Exchange (MX) records from server (preference/name/IP address): 10 starwars.fx.movie.edu 192.253.254.4 100 wormhole.movie.edu 192.253.253.1 Network Connectivity Tests E-mail server: starwars.fx.movie.edu IP address: 192.253.254.4 SMTP response: 220 starwars.fx.movie.edu ESMTP Postfix POP response: Not Tested IMAP response: Not Tested E-mail server: wormhole.movie.edu IP address: 192.253.253.1 SMTP response: 220 wormhole.movie.edu ESMTP Postfix POP response: Not Tested IMAP response: Not Tested ============================================