/* Void Main's man pages */

{ phpMan } else { main(); }

Command: man perldoc info search(apropos)  

unbound-host(1)                                          unbound 1.4.13                                          unbound-host(1)



NAME
       unbound-host - unbound DNS lookup utility

SYNOPSIS
       unbound-host [-vdhr46] [-c class] [-t type] hostname [-y key] [-f keyfile] [-F namedkeyfile] [-C configfile]

DESCRIPTION
       Unbound-host  uses  the  unbound validating resolver to query for the hostname and display results. With the -v option it
       displays validation status: secure, insecure, bogus (security failure).

       By default it reads no configuration file whatsoever.  It attempts to reach  the  internet  root  servers.   With  -C  an
       unbound config file and with -r resolv.conf can be read.

       The available options are:

       hostname
              This name is resolved (looked up in the DNS).  If a IPv4 or IPv6 address is given, a reverse lookup is performed.

       -h     Show the version and commandline option help.

       -v     Enable  verbose  output  and  it shows validation results, on every line.  Secure means that the NXDOMAIN (no such
              domain name), nodata (no such data) or positive data response validated correctly with one of the keys.   Insecure
              means  that  that  domain  name  has  no security set up for it.  Bogus (security failure) means that the response
              failed one or more checks, it is likely wrong, outdated, tampered with, or broken.

       -d     Enable debug output to stderr. One -d shows what the resolver and validator are doing and may  tell  you  what  is
              going on. More times, -d -d, gives a lot of output, with every packet sent and received.

       -c class
              Specify the class to lookup for, the default is IN the internet class.

       -t type
              Specify  the type of data to lookup. The default looks for IPv4, IPv6 and mail handler data, or domain name point-
              ers for reverse queries.

       -y key Specify a public key to use as trust anchor. This is the base for a chain of trust that is built up from the trust
              anchor  to  the  response,  in order to validate the response message. Can be given as a DS or DNSKEY record.  For
              example -y "example.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD".

       -f keyfile
              Reads keys from a file. Every line has a DS or DNSKEY record, in the format as for -y. The zone file  format,  the
              same as dig and drill produce.

       -F namedkeyfile
              Reads keys from a BIND-style named.conf file. Only the trusted-key {}; entries are read.

       -C configfile
              Uses the specified unbound.conf to prime libunbound(3).

       -r     Read  /etc/resolv.conf, and use the forward DNS servers from there (those could have been set by DHCP).  More info
              in resolv.conf(5).  Breaks validation if those servers do not support DNSSEC.

       -4     Use solely the IPv4 network for sending packets.

       -6     Use solely the IPv6 network for sending packets.

EXAMPLES
       Some examples of use. The keys shown below are fakes, thus a security failure is encountered.

       $ unbound-host www.example.com

       $ unbound-host -v -y "example.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD" www.example.com

       $ unbound-host -v -y "example.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD" 192.0.2.153

EXIT CODE
       The unbound-host program exits with status code 1 on error, 0 on no error. The data may not be available on exit code  0,
       exit code 1 means the lookup encountered a fatal error.

SEE ALSO
       unbound.conf(5), unbound(8).



NLnet Labs                                                Sep 15, 2011                                           unbound-host(1)
Valid XHTML 1.0!Valid CSS!