dlint(1) Internet Domain Name System (DNS) error checking utility


dlint [ -n ] zone


DNS administrators can use dlint to scan recursively through the domain records of the fully-qualified zone zone, to get a report on any errors therein. You can scan a zone you own, or anyone else's zone on the Internet. dlint talks directly to a primary or secondary nameserver for the zone, to make sure it's working with up-to-date information.

dlint also suggests ways of fixing problems instead of just complaining about them like other debugging tools.

The argument zone should always have an ending period to indicate it is a fully qualified domain name.


By default, dlint recursively traverses the entire hierarchy below the zone specified. The -n option may be used to disable recursive traversal, causing it to only examine the records in the given zone. Note that a zone may or may not contain any number of sub-domains (all of which will be checked with or without this option).


example% dlint nau.edu.

recursively scans the DNS records in zone nau.edu for problems.

example% dlint 64.114.134.in-addr.arpa.

recursively scans the DNS records associated with IP subnet for problems. You had to already know that was subnetted.


The output from dlint is computer parsable, each line has a special meaning. Lines beginning with a semicolon (;) are comments only. Lines beginning with the phrase ``WARNING'' are useful information that you should consider. A warning is not necessarily an error, but may be a problem. Lines beginning with the phrase ``ERROR'' are definite errors and should be dealt with accordingly.


Successful run, no problems encountered with zone.
Successful run, worst problem with zone was a WARNING.
Successful run, worst problem with zone was an ERROR.
Usage error.
A signal interrupted the program run (i.e. user typed interrupt key sequence).


Dlint doesn't work behind some firewalls because it needs to talk to a root nameserver to get started.

Dlint uses the zone transfer mechanism (AXFR) which some nameservers deny to unauthorized hosts.

Other nameservers happily return zero records instead of an error, in response to an unauthorized AXFR! That is just wrong.


Paul Balyoz <[email protected]>


Copyright (C) 1993-1998 Paul A. Balyoz <[email protected]>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.