You can verify particular sets of DNS records on multiple DNS servers to diagnose and fix problems that missing or incorrect DNS records can cause by using the /ql (Query List) option in DNSLint.
In many scenarios, the ability to quickly verify sets of DNS records on multiple DNS servers has many advantages. For example, when clients cannot log on to a Windows 2000 domain, if you can verify that the Service Location records that the clients use to find LDAP and Kerberos servers are available and accurate, you can determine whether DNS is causing the problem. This may be difficult and time-consuming if there are many domain controllers in the domain and many DNS servers that are responsible for hosting these records.
Another example is where customers report that they cannot access your Web site. To determine whether missing or incorrect DNS records are responsible for the problem, you must verify that each DNS server that hosts records for the Web servers is accurate. If you have a small number of DNS servers and DNS records, you can use Nslookup.exe to quickly verify the DNS records. But it can be time-consuming to use Nslookup.exe to verify a large number of records that are hosted on many DNS servers.
As a third example, users can send e-mail, but do not receive e-mail. The mail might be stalled on the e-mail server, and maybe there is a problem with name resolution. To determine whether this is so, you must verify all the related DNS records on all the authoritative DNS servers. Depending on the size and complexity of the e-mail infrastructure, this can be a complex and time-consuming task.
By using the /ql option in DNSLint, you can quickly query a large number of records on many DNS servers. DNSLint reads instructions from a file that is specified by the /ql option. When DNSLint has verified that the file is a valid DNSLint input file, it runs the queries that are specified in the file and reports the results in an easy-to-read HTML report. Administrators can use this input file to specify which DNS servers to query and exactly which DNS records to search for on each server. The format of the input file is as follows:
DNSLint[dns~server] 169.254.46.138www.reskit.com,a,r169.254.197.1,ptr,r[dns~server] 169.254.46.200reskit.com,cname,rreskit.com,mx,r_kerberos._tcp.dc._msdcs.reskit.com,srv,r
The file must start with the word "DNSlint" at the top. This is the first item DNSLint looks for when it opens the input file. If "DNSlint" is not the first word when the file is opened, DNSLint rejects the specified input file and you receive an error message.
This line specifies the IP address of a DNS server to send queries to. You must specify [dns~server] followed by a space and a valid IP address. If either of these two items is missing, DNSLint rejects the specified input file and you receive an error message.
Thereafter, lines indicate the queries to send to the specified DNS server. For example:
The format of the queries is as follows: name, record type, query type.
The first field in the line is the name you want to query. For example, www.reskit.com. The name is immediately followed by a comma. Leave no spaces on either side of the comma.
The second field follows the comma immediately after the name you want to query. The second field is the type of DNS record to query for. Microsoft supports the following DNS record types:
- a = Host
- ptr = Pointer
- cname = Alias
- mx = Mail Exchange
- srv = Service Location
The type of record is immediately followed by a comma. Leave no spaces on either side of the comma.
The third field is the type of DNS query you want to send. This field immediately follows the comma that is after the type of record. The following query types are valid:
- r = recursive
- i = iterative
All three fields are required, and you must leave no spaces anywhere in the query line.
A fourth field is optional. If you append ",tcp" to the third field, DNSLint sends the specified query by using the TCP protocol instead of the default UDP protocol. Again, leave no spaces. Nothing must follow this fourth field if you use it.
For additional information about this functionality, see the documentation that is included with the DNSLint download.
The following file is available for download from the Microsoft Download Center:Download the dnslint-v2.02.exe package now.
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.