Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 15 Oct 2013 22:42:17 -0700
From:      Kevin Oberman <rkoberman@gmail.com>
To:        Julian Elischer <julian@freebsd.org>
Cc:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: What happened to nslookup?
Message-ID:  <CAN6yY1urgs-YEZ-1CirWTCNtGf5g0Qd2pFuhjLST_9oPWZ=Pjg@mail.gmail.com>
In-Reply-To: <525B3F33.4030103@freebsd.org>
References:  <0E.82.01315.25778525@cdptpa-oedge03> <20131011221302.GH1611@albert.catwhisker.org> <54.9B.16944.480B8525@cdptpa-oedge02> <20131012022825.GJ1611@albert.catwhisker.org> <525B3F33.4030103@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 13, 2013 at 5:47 PM, Julian Elischer <julian@freebsd.org> wrote:

> On 10/12/13 10:28 AM, David Wolfskill wrote:
>
>> On Sat, Oct 12, 2013 at 02:14:28AM +0000, Thomas Mueller wrote:
>>
>>> ...
>>> Thanks for info!
>>>
>> Glad to help.
>>
>>  I saw that bind was removed from the current branch because of security
>>> problems,
>>>
>> It was removed, but I believe that there was a bit more to it than
>> "security problems."
>>
> I think it was just a personal preference that managed to get communicated
> as "important", and no-one had the energy or will to argue about it.
> (that's the way software projects often work.. loudest and most persistent
> voice wins).
>
>
>  but didn't know nslookup was part of BIND.
>>>
>>> Now I see in $PORTSDIR/dns/bind-tools/pkg-**plist
>>>
>>> bin/dig
>>> bin/host
>>> bin/nslookup
>>>
>>> so host is also part of BIND?
>>>
>> :-}  The version of host we had when BIND was part of base was part of
>> BIND, yes.  Looking in src/usr.bin/host/Makefile, I see:
>>
>> # $FreeBSD: head/usr.bin/host/Makefile 255949 2013-09-30 17:23:45Z des $
>>
>> LDNSDIR=        ${.CURDIR}/../../contrib/ldns
>> LDNSHOSTDIR=    ${.CURDIR}/../../contrib/ldns-**host
>> ...
>>
>> which indicates that this is a re-implementation of "host" as
>> provided by contrib/ldns.
>>
>>  I will remember to use "host" in the future.
>>>
>> I have found it generally easy to use (easier by far than nslookup).
>>
>> Peace,
>> david
>>
>
>
nslookup(1) was deprecated about a decade ago because it often provides
misleading results when used for DNS troubleshooting. It generally works
fine for simply turning a name to an address or vice-versa.

People should really use host(1) for simple lookups. It provides the same
information and does it in a manner that will not cause misdirection when
things are broken.

If you REALLY want to dig (sorry) into DNS behavior or problems, learn to
use dig(1). It does the same as host(1) or nslookup(1) in it's simplest
form but has an extremely large number of options to adjust the query in a
variety of ways to allow real analysis of DNS behavior.

I'd love to see nslookup simply vanish, but I expect it to be around and
causing grief until the day I die (which I hope will still e at least a
couple of decades down the road.)

-- 
R. Kevin Oberman, Network Engineer
E-mail: rkoberman@gmail.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAN6yY1urgs-YEZ-1CirWTCNtGf5g0Qd2pFuhjLST_9oPWZ=Pjg>