The DNS is a critical resource for every network application, quite important to ensure that a zone or domain name is correctly configured in the DNS.

ZoneCheck is intended to help solving misconfigurations or inconsistencies usually revealed by an increase in the latency of the application, up to the output of unexpected/inconsistant results.

NOTE:

It doesn't necessary make sense to combine some options together, if that case happens the most recent option will be taken into account, silently discarding the others.

--lang lang

Select another language (en, fr, ...). The syntax is the same as for the environment variable LANG.

--debug, -d lvl

Select the debugging messages to print or activate debugging code. This parameter will override the value of the environment variable ZC_DEBUG. The available options are: 0x0001 : Initialisation 0x0002 : Localization / Internationalisation 0x0004 : Configuration 0x0008 : Autoconf 0x0010 : Loading tests 0x0020 : Tests performed 0x0040 : Debugging messages from tests 0x0400 : Information about cached object 0x0800 : Debugger itself 0x1000 : Crazy Debug, don't try this at home! 0x2000 : NResolv module debugging messages 0x4000 : Disable caching 0x8000 : Don't try to rescue exceptions

--help, -h

Show a short description of the different options available in ZoneCheck.

--version, -V

Display the version and exit.

--batch, -B filename

Data is read in batch mode from the filename or stdin if '-' was used. The syntax for the batch mode processing is as follow: DOM=domainname or DOM=domainname NS=ns1;ns2=ip1,ip2

--config, -c filename

Specify the location of the configuration file (default is zc.conf).

--testdir directory

Location of the directory holding the tests definition.

--profile, -P profilename

Force uses of profile profilename.

--category, -C catlist

Limit the test to perform to the categories specified by catlist. The syntax for the catgory description is as follow: allow=[+|] disallow=[-|!] subcomponent=: separator=, ex: dns:soa,!dns,+ don't perform DNS tests that are not SOA related

--test, -T testname

testname is the test to perform. In this case failing to pass the test is considered as fatal.

--testlist

List all the tests available.

--testdesc desctype

Give a description of the test, the possible values for desctype are name, success, failure, explanation.

--resolver, -r resolver

Resolver to use (only IP address is accepted) for finding the information about the tested zone, by default the name servers used are the one specified in /etc/resolv.conf. Note that for finding the name servers the zone should already have been delegated.

--ns, -n nslist

List of nameservers for the domain. Nameservers name are separated by a semicolon, the name can be followed by the equal sign and its IP addresses separated by a colon. This can give the following example: ns1;ns2=ip1,ip2;ns3=ip3

--quiet, -q

Don't display extra titles.

Don't display extra titles.

--one, -1

Only display the most relevant message in a compact format.

--tagonly, -g

Display only tag. This option should be used for scripting.

--verbose, -v options

Display extra information, they can be prefix by '-' or '!' to remove the effect, available options are:

intro, i

Print a short summary about the domain name and its nameservers.

testname, n

Print the name of the test when reporting a test status.

explain, x

Print an explanation for failed tests (reference to RFC, ...).

details, d

Print a detailed description of the failure (name or value of the resource involved).

reportok, o

Report test even if they passed.

fatalonly, f

Only print fatal errors.

testdesc, t

Print the test description before performing it.

counter, c

Display a test progression bar (this option is not always available according to the output media).

NOTE:

testdesc and counter are mutually exclusive.

--output, -o options

Output rendering/format selection, avalaible options are:

byseverity, bs [default]

Output is sorted/merged by severity.

byhost, bh

Output is sorted/merged by host.

text, t [default]

Output plain text.

html, h

Output HTML.

xml, x

Output XML. (experimental)

gtk, g

Use a GTK window to display the result (requires GTK binding).

NOTE:

The following set are mutually exclusive: [byseverity|byhost] and [text|html].

--error, -e options

Behaviour in case of error, available options are:

allfatal, af

All error are considered as fatals.

allwarning, aw

All error are considered as warnings.

dfltseverity, ds [default]

Use the severity associated with the test.

stop, s [default]

Stop on the first fatal error. WARNING: the current implementation stop on the first error but for each server.

nostop, ns

Never stop (even on fatal error). This generally result in a lot of errors or unexpected results due to the previous fatal error.

NOTE:

The following set are mutually exclusive: [allfatal|allwarning|dfltseverity] and [stop|nostop].

--transp, -t options

Transport/routing layer selection, available options are:

ipv4, 4 [default]

Use the IPv4 routing protocol.

ipv6, 6 [default]

Use the IPv6 routing protocol.

udp, u

Use the UDP transport layer.

tcp, t

Use the TCP transport layer.

std, s [default]

Use the UDP with fallback to TCP for truncated messages.

NOTE:

udp, tcp and std are mutually exclusive.

--ipv4, -4

Only check the zone with IPv4 connectivity.

--ipv6, -6

Only check the zone with IPv6 connectivity.

--preset name

Use of a preset configuration defined in the zc.conf configuration file.

--option options

Set extra options. The syntax is: -,-opt,opt,opt=foo

ihtml

Generate HTML pages that are suitable for inclusion (for HTML output).

nojavascript

Remove generation of javascript (for HTML output).

LANG

Specify the lang and eventually the encoding to use to display messages. For examples: fr, fr_CA, fr.latin1, fr_CA.utf8, ...

ZC_CONFIG_DIR

Directory where the configuration file and the different profiles are located.

ZC_CONFIG_FILE

Name of the configuration file to use (defaul to zc.conf), it is override by the --config option.

ZC_LOCALIZATION_DIR

Directory where all the localization files are located.

ZC_TEST_DIR

Directory where all the tests are located, it is override by the --testdir option.

ZC_HTML_PATH

Path relative to the web server to use when generating HTML pages.

ZC_DEBUG

The variable as the same effect as the debug parameter, but its main advantage is that it is taken into account from the beginning of the program.

ZC_INPUT

The variable as the same effect as the undocumented INPUT parameter, it allows to chose the input interface used by ZoneCheck, the currently supported values are: cli, cgi, inetd and gtk (requires GTK/ruby binding). But other interfaces doesn't accept the same parameters as the one described here.

ZC_IP_STACK

Restrict the IP stack available to IPv4 or IPv6, for that set it respectively to 4 or 6. This is particularly useful if you have an IPv6 stack on your computer but don't have the connectivity, in that case define ZC_IP_STACK=4.

ZC_XML_PARSER

If ruby-libxml is installed, this parser will be used instead of rexml for speed improvement, but you can force the use of rexml by setting ZC_XML_PARSER to rexml.

NOTE:

The following variables are mainly useful when it is not possible for the user to specify alternative value with the selected input interface: ZC_CONFIG_DIR, ZC_CONFIG_FILE, ZC_LOCALIZATION_DIR, ZC_TEST_DIR. Such a case happen when using the cgi interface, and you don't want the user to read an arbitrary configuration file, but as the provider of the service you want to use another configuration.

0

Everything went fine, no fatal errors were reported, the domain configuration is correct.

1

The program completed but some tests failed with a fatal severity, the domain is NOT correctly configured.

2

The program completed but some tests failed due with a fatal severity due to timeout occuring, the domain has been considered as NOT correctly configured, but you could want to check again later. This is currently not implemented.

3

The user aborted the program before it's completion.

4

An error which is not directly related to the tests performed has occured (ie: something went wrong).

9

The user (you?) didn't bother reading the man page...

/usr/local/etc/zonecheck/zc.conf

The default configuration file.

/usr/local/etc/zonecheck/*.rules

The test sequence to use for different domains.

/usr/local/libexec/zc/test

Contains the code of the tests performed by ZoneCheck.

/usr/local/libexec/zc/locale

Contains the different translations.

/usr/local/libexec/zc/www

Contains a website sample for the web interface.

Test the domain_name with IPv6 only connectivity, print a summary information about the tested domain as well as explanations and details of failed tests.

zonecheck -6 --verbose=i,x,d domain_name

Work in batch mode, where domains are read from stdin, a progress bar indicates how many tests remain, and only short report is written.

zonecheck -v c -1 -B -

Ask for the 'error' message associated with the test 'soa'.

zonecheck --testdesc error -T soa

Only print tests which have failed and the result (succeed/failed), this would be ideal for giving people, through email fir example, a short description of why their domains are not correctly configured.

zonecheck -q -vn,d,x,f domain_name

If you want to test your domain, you will certainly like to use these parameters (the use of IPv4 only as been forced because now people have computer with IPv6 stack but very few have the IPv6 connectivity, so autodetection will failed).

zonecheck -4 -vi,x,d,c domain_name

ZoneCheck-1.* was created in 1995 by Benoit Grange and has been maintained by him until 1997. The prototype was a script using the dig command, which evolved into a perl program based on the DNS resolver Resolv5. Vincent Gillet maintained the programme in 1998. This task has been taken over by Erwan Mas and Philippe Lubrano from 1998 until now.

ZoneCheck-2.* is a rewrite from scratch done in ruby at the end of 2002 by Stephane D'Alu, so as to create a modular and extensible version. And is the current version of ZoneCheck.

You can also consult the ZoneCheck homepage for more information: