awl(1) awl(1) NAME awl - DNS lookup tool SYNOPSIS awl [ OPTIONS ] name [ @server ] [ type ] where name is the query to make (example: froth.zone) @server is the server to query (example: dns.froth.zone) type is the DNS resource type (example: AAAA) DESCRIPTION awl (awls want licorice) is a simple tool designed to make DNS queries, much like the venerable dig(1). An awl is a tool used to make small holes, typically used in leatherworking. awl is designed to be a more "modern" version of drill(1) by including some more recent RFCs and output options. awl is still heavily Work-In-Progress so some fea‐ tures may get added or removed. OPTIONS Dig-like +[no]flags are supported, see dig(1) -D, --dnssec, +dnssec Enable DNSSEC. This needs to be manually enabled. -v value Set verbosity (currently WIP) -V Print the version and exit. -h Show a "short" help message. Query Options -4 Only make query over IPv4 -6 Only make query over IPv6 -p, --port port Sets the port to query. Default Ports: • 53 for UDP and TCP • 853 for TLS and QUIC • 443 for HTTPS -q, --query domain Domain to query (eg. example.com) -c, --class class DNS class to query (eg. IN, CH) -t, --qType type DNS type to query (eg. A, NS) --no-truncate, +ignore Ignore UDP truncation (by default, awl retries with TCP) --tcp, +tcp, +vc Use TCP for the query (see RFC 7766) --dnscrypt, +dnscrypt Use DNSCrypt -T, --tls, +tls Use DNS-over-TLS, implies --tcp (see RFC 7858) -H. --https, +https Use DNS-over-HTTPS (see RFC 8484) -Q. --quic, +quic Use DNS-over-QUIC (see RFC 9250) -x, --reverse Do a reverse lookup. Sets default type to PTR. awl automatically makes an IP or phone number canonical. --timeout seconds, +timeout=seconds Set the timeout period. Floating point numbers are accepted. 0.5 seconds is the minimum. --retries int, +tries=int, + retry=int Set the number of retries. Retry is one more than tries, dig style DNS Flags --aa=[false], +[no]aaflag (Set, Unset) AA (Authoritative Answer) flag --ad=[false], +[no]adflag (Set, Unset) AD (Authenticated Data) flag --tc=[false], +[no]tcflag (Set, Unset) TC (TrunCated) flag -z=[false], +[no]zflag (Set, Unset) Z (Zero) flag --cd=[false], +[no]cdflag (Set, Unset) CD (Checking Disabled) flag --qr=[false], +[no]qrflag (Set, Unset) QR (QueRy) flag --rd=[true], +[no]rdflag (Set, Unset) RD (Recursion Desired) flag --ra=[false], +[no]raflag (Set, Unset) RA (Recursion Available) flag Output Display --no-question, +noquestion Do not display the Question section --no-answer, +noanswer Do not display the Answer section --no-answer, +noanswer Do not display the Answer section --no-authority, +noauthority Do not display the Authority section --no-additional, +noadditional Do not display the Additional section --no-statistics, +nostats Do not display the Statistics (additional comments) section Output Formats -j, --json, +json Print the query results as JSON. -X, --xml, +xml Print the query results as XML. -y, --yaml, +yaml Print the query results as YAML. -s, --short, +short Print just the address of the answer. EXAMPLES awl grumbulon.xyz -j +cd Run a query of your local resolver for the A records of grumbulon.xyz, print them as JSON and disable DNSSEC verification. awl +short example.com AAAA @1.1.1.1 Query 1.1.1.1 for the AAAA records of example.com, print just the answers awl -xT PTR 8.8.4.4 @dns.google Query dns.google over TLS for the PTR record to the IP address 8.8.4.4 SEE ALSO drill(1), dig(1), the many DNS RFCs awl(1)