LinuxCommandLibrary

dnstracer

Trace DNS query resolution path

TLDR

Find out where your local DNS got the information on www.example.com

$ dnstracer [www.example.com]

Start with a [s]pecific DNS server that you already know
$ dnstracer -s [dns.example.org] [www.example.com]

Only query IPv4 servers
$ dnstracer -4 [www.example.com]

Retry each request 5 times on failure
$ dnstracer -r [5] [www.example.com]

Display all steps during execution
$ dnstracer -v [www.example.com]

Display an [o]verview of all received answers after execution
$ dnstracer -o [www.example.com]

SYNOPSIS

dnstracer [options] hostname [dns_server]

PARAMETERS

-o
    Show only delegation information, suppressing detailed query results.

-s server
    Start the trace at the specified server instead of the root nameservers.

-q querytype
    Set the DNS query type (e.g., A, MX, NS, PTR, ANY). Default is A (address).

-c
    Disable the internal DNS cache, forcing fresh queries for every lookup.

-v
    Enable verbose output, showing more details about the tracing process.

-r retries
    Set the number of retries for each DNS query when a server doesn't respond.

-t timeout
    Set the timeout in seconds for each DNS query attempt.

-S source_ip
    Specify the source IP address for outgoing DNS queries.

-N num_queries
    Number of times to query each server for a specific query type.

-h
    Display a help message and exit.

-V
    Print the version information and exit.

DESCRIPTION

dnstracer is a command-line utility designed to trace the DNS resolution path of a given domain name. Unlike simple query tools like dig or nslookup, dnstracer iteratively queries DNS servers, starting from the root servers, to follow the delegation chain down to the authoritative name servers for a domain. This process helps in identifying misconfigurations, unreachable DNS servers, and understanding how a domain's DNS information is propagated across the internet. It's particularly useful for diagnosing complex DNS resolution issues or verifying DNS server health by mapping the entire delegation path.

CAVEATS

Requires outbound UDP port 53 access for DNS queries. The tracing process can be slow for domains with many delegation levels or unresponsive DNS servers in the chain. Its accuracy relies on correct DNS server configurations and responses.

OPERATION PRINCIPLE

dnstracer works by performing iterative DNS queries. It begins by querying a root DNS server for the target hostname. The root server typically provides a referral to a Top-Level Domain (TLD) server. dnstracer then queries the TLD server, which in turn refers to the next authoritative server in the delegation chain. This process continues until an authoritative answer for the hostname is obtained, effectively mapping the entire delegation path from the DNS root to the specific domain's records.
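
The referral-following loop described above, as an added example that is not part of the original page and is not dnstracer's own code. It walks constructed replies (all server names and addresses are hypothetical) and, going slightly beyond the text, reports the unreachable servers, referral loops and disagreeing answers that such a trace exposes.

```python
"""Iterative delegation trace over constructed data (no network access)."""

# Constructed sample replies for www.example.com; all names are hypothetical.
# ("referral", zone, [servers]) | ("answer", address) | None = no response
RESPONSES = {
    "root.test": ("referral", "com.", ["tld1.test", "tld2.test"]),
    "tld1.test": ("referral", "example.com.", ["ns1.test", "ns2.test", "ns3.test"]),
    "tld2.test": None,                       # unreachable server
    "ns1.test": ("answer", "192.0.2.10"),
    "ns2.test": ("answer", "192.0.2.99"),    # disagrees with ns1
    "ns3.test": ("referral", "com.", ["tld1.test"]),  # refers back up the chain
}

def query(server, name):
    """Stand-in for one non-recursive query; None models a timeout."""
    return RESPONSES.get(server)

def trace(name, server, path=()):
    """Follow every referral; return (path, outcome, detail) per branch."""
    path = path + (server,)
    reply = query(server, name)
    if reply is None:
        return [(path, "timeout", None)]
    if reply[0] == "answer":
        return [(path, "answer", reply[1])]
    leaves = []
    for nxt in reply[2]:
        if nxt in path:  # referral to a server already on this branch
            leaves.append((path, "loop", nxt))
        else:
            leaves.extend(trace(name, nxt, path))
    return leaves

def summarize(leaves):
    """Collect dead servers, referral loops and disagreeing answers."""
    answers = {}
    for path, outcome, detail in leaves:
        if outcome == "answer":
            answers.setdefault(detail, []).append(path[-1])
    return {
        "unreachable": sorted(p[-1] for p, o, _ in leaves if o == "timeout"),
        "loops": sorted(p[-1] for p, o, _ in leaves if o == "loop"),
        "answers": answers,
        "consistent": len(answers) <= 1,
    }

if __name__ == "__main__":
    for path, outcome, detail in trace("www.example.com", "root.test"):
        print(" -> ".join(path), outcome, detail or "")
```

Authoritative servers that return different addresses for the same name, as ns1.test and ns2.test do here, are worth investigating as either a stale zone copy or a tampered delegation.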

HISTORY

dnstracer was developed by Edwin Groothuis. It emerged as a specialized tool for detailed DNS delegation analysis, offering unique insights beyond traditional DNS lookup utilities. While its core functionality remains highly relevant for DNS troubleshooting, its active development has slowed compared to some other network utilities.

SEE ALSO

dig(1), nslookup(1), host(1), traceroute(8)
