Windows Server - Technology

The Blog for IT solutions from Microsoft. By Richard Wu

Tools to monitor DNS

Just read a good article from MCPMAG which was about DNS command line tools. So, re-post here: 

By Zubair Alexander

Domain Name System service is one of the most important services on
your Windows network. The importance of DNS is even more apparent on
an Active Directory network because the entire Active Directory
infrastructure relies heavily on it.

To troubleshoot and monitor DNS services, you can turn to numerous
tools out there. You might be familiar with Nslookup, a popular,
built-in tool used to troubleshoot DNS-related problems. We'll look
at two that aren't as well-known: DnsCmd and DnsLint, both from
Microsoft. You can find them in the support tools folder in Windows
Server 2003.

DNSCMD
DnsCmd is a command-line tool that can be used to perform literally
hundreds of DNS-related tasks. For example, you can modify DNS server
settings, get configuration information, clear server cache, display
or delete records, initiate server scavenging or export a zone file.
Type DnsCmd /? at the command prompt for the syntax.

Figure 1 (see http://tinyurl.com/y67k6o ) shows some of the
commands that you can run. For more information on a specific command,
use the following syntax:

DnsCmd <CommandName> /?

For example, dnscmd /config /? will give you additional options that
can be used with the /config switch.

Let's say you want to list all the zones that are configured on a DNS
server called DNS1. Use DnsCmd with the /enumzones switch to get the
following sample output:

C:\>dnscmd dns1 /enumzones
Enumerated zone list:
Zone count = 8
Zone name Type Storage Properties
. Cache AD-Legacy
_msdcs.example.com Primary AD-Forest Secure
10.5.5.in-addr.arpa Primary AD-Legacy Rev
25.168.192.in-addr.arpa Primary AD-Legacy Rev
example1.com Primary File
example2.com Primary File
example3.com Primary File
example4.com Primary AD-Domain
Command completed successfully.

Try various commands with different switches. You will be amazed at the
amount of information you can obtain from DnsCmd. Because DnsCmd works
from the command line, you can use it in a batch file and perform
configuration tasks remotely on multiple DNS servers.

DNSLINT
Another useful tool, DnsLint is used at the command prompt to generate
HTML reports. Use DnsLint /? at the command prompt for more information:

dnslint /d domain_name | /ad [LDAP_IP_address] |
   /ql input_file [/c [smtp,pop,imap]]
   [/no_open] [/r report_name] [/t]
   [/s DNS_IP_address] [/v] [/y]

The three required parameters in DnsLint are the following.

/d -- Used to diagnose DNS-related problems, such as lame delegation.

Note: Lame delegation occurs when a DNS subdomain is pointing to a DNS
server that either doesn't exist or is not authoritative for
that subdomain.

/ad -- Used to verify DNS records used for Active Directory replication.

/ql -- Used to verify DNS records on multiple servers.

There are some rules you have to follow when using DnsLint commands.

    * The /d, /ad and /ql switches cannot be used together.
    * The /c can't be paired up with /ad or /ql.
    * When using /ad, you must also specify /s.

Here are some examples of using DnsLint.

dnslint /d myserver.com
dnslint /v /y /d reskit.com
dnslint /v /y /r ms_report /d microsoft.com
dnslint /v /y /no_open /s 169.254.1.10 /d msn.com
dnslint /v /y /c /t /d reskit.com
dnslint /d reskit.com /c smtp,pop
dnslint /ad 169.254.10.22 /s 169.254.44.1 /v
dnslint /ad /s localhost /v
dnslint /ql mylist.txt /v
dnslint /ql autocreate

Let's try the following step-by-step procedure to create an HTML report
with DnsLint. You will need two pieces of information: FQDN of the
server and its IP address. I'll create a report for my domain called
seattlepro.com at IP address 192.168.1.200. You should substitute your
own domain and IP address in this exercise.

   1. Go to the command prompt and type the following:

      Dnslint /ql autocreate

      This creates a sample text file called in-dnslint.txt in the
      same directory where you typed the above command.

   2. Edit that file with Notepad:

      Notepad in-dnslint.txt

   3. Notice the seventh line from the bottom lists dns1.cp.msft.net.
      I will change that to reflect my DNS server
      (dns1.seattlepro.com). I will also replace microsoft.com in the
      last four lines with the name of my domain and the IP address
      with my IP address in two places. When done, my file looks
      like this:

      +This DNS server is called: dns1.seattlepro.com
      [dns~server] 192.168.1.200

      seattlepro.com,a,r ;A record
      192.168.1.200,ptr,r ;PTR record
      seattlepro.com,cname,r ;CNAME record
      seattlepro.com,mx,r ;MX record

   4. Save the file as dnsquery.txt in the same folder where you
      created the in-dnslint.txt file.

   5. To execute the query, type the following at the command prompt:

      dnslint /ql dnsquery.txt /v

   6. You should see an HTML report that's now displayed automatically
      in your default browser. The default name for the report is
      dnslint.htm and it's created in the same directory as the
      in-dnslint.txt and dnsquery.txt files.

For a sample of DnsLint report, see http://www.techgalaxy.net/mcpmag/ .
Notice that if there are any errors or warnings, they are all coded for
your convenience.

Comments

CP said:

It will give you a good insight on how DNS scavenging algorithm works.

http://dnsfunda.blogspot.com

# April 10, 2007 8:42 AM