Protocol Tweaks

dog hides several obscure DNS options behind the -Z argument.

aa — Ask for authoritative answers only

Activating this option sets the AA (Authoritative Answer) flag on each request.

dog -Z aa

ad — Set the Authentic Data flag

Activating this option sets the AD (Authentic Data) flag on each request.

dog -Z ad

bufsize — Set EDNS UDP packet size

This option sets the maximum UDP packet size field of the OPT record that is sent.

This option takes a numeric value, given after an equals sign.

dog -Z bufsize=4096

cd — Disable checking

Activating this option sets the CD (Checking Disabled) flag on each request.

dog -Z cd

Custom record types and classes

dog knows about the most common record types (such as A or OPT) and classes (such as IN or CH). If you want to use types or classes that dog doesn’t know about, simply pass their number as a command-line argument.

dog -t 1234
dog --class 666

EDNS and OPT records

The DNS protocol has been formally extended by RFC 6891. Because the protocol was in common use by this point, it was impossible to simply add new flags or sections without becoming backwards-incompatible. So instead, these new fields are carried in an OPT record, which can be present in the request or the response. If no OPT record is sent in the query, then none will be sent in the response, making it opt-in.

dog’s default behaviour is to send the OPT record in the query and hide it from the response. Because a conforming DNS server will put one in every response, it often ends up being irrelevant to the actual record being requested.

The --edns option controls how to handle OPT records:

  • disable: Don’t send the OPT record as part of the request.
  • hide: Send the OPT record, but don’t display it in the response. This is the default.
  • show: Send the OPT record and display it in the response.

dog --edns show
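
To see where these options land on the wire, the following Python is an added example (not dog's own code) that builds a DNS query with the AD and CD header bits, a numeric record type and class, and an OPT record carrying the UDP payload size, then decodes it again. The function names, the transaction ID, the example.com name and the choice to set the RD flag by default are assumptions made for the example.

```python
import struct

# Bit positions in the 16-bit DNS header flags field (RFC 1035, RFC 4035).
FLAG_AA, FLAG_RD, FLAG_AD, FLAG_CD = 0x0400, 0x0100, 0x0020, 0x0010
TYPE_OPT = 41  # OPT pseudo-record type (RFC 6891)

def encode_name(name):
    """Encode a domain name as length-prefixed labels plus a zero terminator."""
    labels = [l for l in name.split(".") if l]  # "" or "." encodes the root
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=1, qclass=1, flags=FLAG_RD, bufsize=None, txid=0x1234):
    """Build a query; bufsize=None omits the OPT record (cf. --edns disable)."""
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0 if bufsize is None else 1)
    msg = header + encode_name(name) + struct.pack("!HH", qtype, qclass)
    if bufsize is not None:
        # OPT: root name, TYPE 41, CLASS carries the UDP payload size,
        # TTL carries extended RCODE/version/flags (zero here), empty RDATA.
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, bufsize, 0, 0)
    return msg

def parse_query(msg):
    """Decode the flags, question type/class and EDNS size from a query."""
    _, flags, _, _, _, arcount = struct.unpack("!HHHHHH", msg[:12])
    pos = 12
    while msg[pos]:               # walk QNAME labels (queries are uncompressed)
        pos += 1 + msg[pos]
    qtype, qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    pos += 5
    bufsize = None
    if arcount and msg[pos] == 0:
        rtype, size = struct.unpack("!HH", msg[pos + 1:pos + 5])
        bufsize = size if rtype == TYPE_OPT else None
    return {"aa": bool(flags & FLAG_AA), "ad": bool(flags & FLAG_AD),
            "cd": bool(flags & FLAG_CD), "qtype": qtype, "qclass": qclass,
            "bufsize": bufsize}

if __name__ == "__main__":
    # Constructed sample using the values from the examples above:
    # ad, cd, bufsize=4096, type 1234, class 666.
    q = build_query("example.com", 1234, 666, FLAG_RD | FLAG_AD | FLAG_CD, 4096)
    print(q.hex(), parse_query(q))
```

The OPT record adds 11 bytes to the query, and the payload size sits in what would be the CLASS field of an ordinary record.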