Windows Advisor

Tools to Monitor DNS

DnsCmd and DnsLint gets you more information than can be derived by using Nslookup.

• By Zubair Alexander
• 10/16/2006

To troubleshoot and monitor DNS services, you can turn to numerous tools out there. You might be familiar with Nslookup, a popular, built-in tool used to troubleshoot DNS-related problems. We'll look at others that aren't so well-known: DnsCmd and DnsLint, both from Microsoft. You can find them in the support tools folder in Windows Server 2003.

DNSCMD
DnsCmd is a command-line tool that can be used to perform literally hundreds of DNS-related tasks. For example, you can modify DNS server settings, get configuration information, clear server cache, display or delete records, initiate server scavenging or export a zone file. Type DnsCmd /? at the command prompt for the syntax.

Figure 1 shows some of the commands that you can run. For more information on a specific command, use the following syntax:

DnsCmd /?

For example, dnscmd /config /? will give you additional options that can be used with the /config switch.

[Click image to view larger version.]

Figure 1. DnsCmd syntax and switches.

Let's say you want to list all the zones that are configured on a DNS server called DNS1. Use DnsCmd with the /enumzones switch to get the following sample output:

C:\>dnscmd dns1 /enumzones
Enumerated zone list:
Zone count = 8
Zone name Type Storage Properties
. Cache AD-Legacy
_msdcs.example.com Primary AD-Forest Secure
10.5.5.in-addr.arpa Primary AD-Legacy Rev
25.168.192.in-addr.arpa Primary AD-Legacy Rev
example1.com Primary File
example2.com Primary File
example3.com Primary File
example4.com Primary AD-Domain
Command completed successfully.

Try various commands with different switches. You will be amazed at the amount of information you can obtain from DnsCmd. Because DnsCmd works from the command line, you can use it in a batch file and perform configuration tasks remotely on multiple DNS servers.

DNSLINT
Another useful tool, DnsLint is used at the command prompt to generate HTML reports. Use DnsLint /? at the command prompt for more information:

dnslint /d domain_name | /ad [LDAP_IP_address] |
/ql input_file [/c [smtp,pop,imap]]
[/no_open] [/r report_name] [/t]
[/s DNS_IP_address] [/v] [/y]

The three required parameters in DnsLint are the following.

/d Used to diagnose DNS-related problems, such as lame delegation

Note: Lame delegation occurs when a DNS subdomain is pointing to a DNS server that either doesn't exist or is not authoritative for that subdomain.

/ad Used to verify DNS records used for Active Directory replication

/ql Used to verify DNS records on multiple servers

There are some rules you have to follow when using DnsLint commands.

• The /d, /ad and /ql switches cannot be used together.
• The /c can't be paired up with /ad or /ql.
• When using /ad, you must also specify /s.

Here are some examples of using DnsLint.

dnslint /d myserver.com
dnslint /v /y /d reskit.com
dnslint /v /y /r ms_report /d microsoft.com
dnslint /v /y /no_open /s 169.254.1.10 /d msn.com
dnslint /v /y /c /t /d reskit.com
dnslint /d reskit.com /c smtp,pop
dnslint /ad 169.254.10.22 /s 169.254.44.1 /v
dnslint /ad /s localhost /v
dnslint /ql mylist.txt /v
dnslint /ql autocreate

Let's try the following step-by-step procedure to create an HTML report with DnsLint. You will need two pieces of information: FQDN of the server and its IP address. I'll create a report for my domain called seattlepro.com at IP address 192.168.1.200. You should substitute your own domain and IP address in this exercise.

1. Go to the command prompt and type the following:
   
   Dnslint /ql autocreate
   
   This creates a sample text file called in-dnslint.txt in the same directory where you typed the above command.
2. Edit that file with notepad:
   
   Notepad in-dnslint.txt
   
   
3. Notice the 7th line from the bottom lists dns1.cp.msft.net. I will change that to reflect my DNS server (dns1.seattlepro.com). I will also replace microsoft.com in the last four lines with the name of my domain and the IP address with my IP address in two places. When done, my file looks like this:
   
   +This DNS server is called: dns1.seattlepro.com
   [dns~server] 192.168.1.200
   
   seattlepro.com,a,r ;A record
   192.168.1.200,ptr,r ;PTR record
   seattlepro.com,cname,r ;CNAME record
   seattlepro.com,mx,r ;MX record
   
   
4. Save the file as dnsquery.txt in the same folder where you created the in-dnslint.txt file.
5. To execute the query, type the following at the command prompt:
   
   dnslint /ql dnsquery.txt /v
   
   
6. You should see an HTML report that's now displayed automatically in your default browser. The default name for the report is dnslint.htm and it's created in the same directory as the in-dnslint.txt and dnsquery.txt files.

For a sample of DnsLint report, click here. Notice that if there are any errors or warnings they are all coded for your convenience.

What are some of your favorite tools to manage and troubleshoot DNS? Send me an e-mail at [email protected].