DELV(1)				    BIND 9			       DELV(1)

NAME
       delv - DNS lookup and validation	utility

SYNOPSIS
       delv [@server] [	[-4] | [-6] ] [-a anchor-file] [-b address] [-c	class]
       [-d  level]  [-i]  [-m] [-p port#] [-q name] [-t	type] [-x addr]	[name]
       [type] [class] [queryopt...]

       delv [-h]

       delv [-v]

       delv [queryopt...] [query...]

DESCRIPTION
       delv is a tool for sending DNS queries and validating the results, using
       the same internal resolver and validator logic as named.

       delv sends to a specified name server all queries needed	to  fetch  and
       validate	 the  requested	 data;	this  includes	the original requested
       query, subsequent queries to follow CNAME or DNAME chains, queries  for
       DNSKEY, and DS records to establish a chain of trust for	DNSSEC valida-
       tion.  It  does not perform iterative resolution, but simulates the be-
       havior of a name	server configured for DNSSEC validating	 and  forward-
       ing.

       By default, responses are validated using the built-in DNSSEC trust an-
       chor for	the root zone ("."). Records returned by delv are either fully
       validated  or  were  not	signed.	If validation fails, an	explanation of
       the failure is included in the output; the validation  process  can  be
       traced  in  detail. Because delv	does not rely on an external server to
       carry out validation, it	can be used to check the validity of  DNS  re-
       sponses	in  environments where local name servers may not be trustwor-
       thy.

       Unless it is told to query a specific name server, delv tries  each  of
       the  servers  listed in /etc/resolv.conf. If no usable server addresses
       are found, delv sends queries to	the localhost addresses	(127.0.0.1 for
       IPv4, ::1 for IPv6).

       When no command-line arguments or options are given, delv  performs  an
       NS query	for "."	(the root zone).

SIMPLE USAGE
       A typical invocation of delv looks like:

	  delv @server name type

       where:

       server is  the name or IP address of the	name server to query. This can
	      be an IPv4 address in dotted-decimal notation or an IPv6 address
	      in colon-delimited notation. When	the supplied  server  argument
	      is a hostname, delv resolves that	name before querying that name
	      server (note, however, that this initial lookup is not validated
	      by DNSSEC).

	      If  no  server  argument	is  provided,  delv  consults /etc/re-
	      solv.conf; if an address is found	there,	it  queries  the  name
	      server  at that address. If either of the	-4 or -6 options is in
	      use, then	only addresses for  the	 corresponding	transport  are
	      tried.  If  no usable addresses are found, delv sends queries to
	      the localhost addresses (127.0.0.1 for IPv4, ::1 for IPv6).

       name   is the domain name to be looked up.

       type   indicates	what type of query is required	-  ANY,	 A,  MX,  etc.
	      type  can	 be  any valid query type. If no type argument is sup-
	      plied, delv performs a lookup for	an A record.

OPTIONS
       -a anchor-file
	      This option specifies a file from	which  to  read	 an  alternate
	      DNSSEC root zone trust anchor.

	      By  default,  keys  that do not match the	root zone name (.) are
	      ignored. If an alternate key name	is desired, it can  be	speci-
	      fied using the +root option.

	      Note: When reading trust anchors, delv treats trust-anchors,
	      initial-key, and static-key identically. That is, for a managed
	      key, it is the initial key that is trusted; RFC 5011
	      <https://datatracker.ietf.org/doc/html/rfc5011.html> key
	      management is not supported. delv does not consult the
	      managed-keys database maintained by named. This means that if
	      the default key built in to delv is revoked, delv must be
	      updated to a newer version in order to continue validating.

       -b address
	      This option sets the source IP address of the query to address.
	      This must be a valid address on one of the host's network
	      interfaces, or 0.0.0.0, or ::. An optional source port may be
	      specified by appending #<port>.

       -c class
	      This  option  sets  the query class for the requested data. Cur-
	      rently, only class "IN" is supported in delv and any other value
	      is ignored.

       -d level
	      This option sets the systemwide debug level to  level.  The  al-
	      lowed  range  is	from 0 to 99. The default is 0 (no debugging).
	      Debugging	traces from delv become	 more  verbose	as  the	 debug
	      level  increases.	 See the +mtrace, +rtrace, and +vtrace options
	      below for	additional debugging details.

       -h     This option displays the delv help usage output and exits.

       -i     This option sets insecure mode, which disables internal DNSSEC
	      validation. (Note, however, that this does not set the CD bit on
	      upstream queries. If the server being queried is performing
	      DNSSEC validation, then it does not return invalid data; this
	      can cause delv to time out. When it is necessary to examine
	      invalid data to debug a DNSSEC problem, use dig +cd.)

       -m     This option enables memory usage debugging.

       -p port#
	      This option specifies a destination port to use for queries, in-
	      stead  of	 the  standard DNS port	number 53. This	option is used
	      with a name server  that	has  been  configured  to  listen  for
	      queries on a non-standard	port number.

       -q name
	      This  option  sets  the query name to name. While	the query name
	      can be specified without using the -q option,  it	 is  sometimes
	      necessary	to disambiguate	names from types or classes (for exam-
	      ple,  when  looking  up  the name	"ns", which could be misinter-
	      preted as	the type NS, or	"ch", which could be misinterpreted as
	      class CH).

       -t type
	      This option sets the query type to type, which can be any	 valid
	      query  type  supported  in BIND 9	except for zone	transfer types
	      AXFR and IXFR.  As  with	-q,  this  is  useful  to  distinguish
	      query-name types or classes when they are	ambiguous. It is some-
	      times necessary to disambiguate names from types.

	      The  default query type is "A", unless the -x option is supplied
	      to indicate a reverse lookup, in which case it is	"PTR".

       -v     This option prints the delv version and exits.

       -x addr
	      This option performs a reverse lookup, mapping an	address	 to  a
	      name.  addr  is an IPv4 address in dotted-decimal	notation, or a
	      colon-delimited IPv6 address. When -x is used, there is no  need
	      to  provide  the name or type arguments; delv automatically per-
	      forms a lookup for a name	like 11.12.13.10.in-addr.arpa and sets
	      the query	type to	PTR. IPv6 addresses are	looked up using	nibble
	      format under the IP6.ARPA	domain.

       -4     This option forces delv to only use IPv4.

       -6     This option forces delv to only use IPv6.

QUERY OPTIONS
       delv provides a number of query options which affect  the  way  results
       are displayed, and in some cases	the way	lookups	are performed.

       Each  query  option  is identified by a keyword preceded	by a plus sign
       (+). Some keywords set or reset an option. These	may be preceded	by the
       string no to negate the meaning of that keyword.	Other keywords	assign
       values  to  options like	the timeout interval. They have	the form +key-
       word=value. The query options are:

       +cdflag,	+nocdflag
	      This option controls whether to set the CD  (checking  disabled)
	      bit  in  queries	sent  by  delv.	 This may be useful when trou-
	      bleshooting DNSSEC problems from behind a	validating resolver. A
	      validating resolver blocks invalid responses, making  it	diffi-
	      cult  to	retrieve  them	for  analysis.	Setting	the CD flag on
	      queries causes the resolver to return invalid  responses,	 which
	      delv  can	 then validate internally and report the errors	in de-
	      tail.

       +class, +noclass
	      This option controls whether to display the CLASS	when  printing
	      a	record.	The default is to display the CLASS.

       +hint=FILE, +nohint
	      This  option specifies a filename	from which to load root	hints;
	      this will	be used	to find	the root name servers when name	server
	      mode (delv +ns) is in use.  If  the  option  is  not  specified,
	      built-in root hints will be used.

       +ns, +nons
	      This  option  toggles  name  server mode.	When this option is in
	      use, the delv process instantiates a  full  recursive  resolver,
	      and  uses	 that  to  look	 up the	requested query	name and type.
	      Turning on this  option  also  activates	+mtrace,  +strace  and
	      +rtrace, so that every iterative query will be logged, including
	      the full response messages from each authoritative server. These
	      logged  messages will be written to stdout rather	than stderr as
	      usual, so	that the full trace can	be captured more easily.

	      This is intended to be similar to	the behavior  of  dig  +trace,
	      but  because  it uses the	same code as named, it much more accu-
	      rately replicates	the behavior of	a recursive name server	with a
	      cold cache that is processing a recursive	query.

       +qmin[=MODE], +noqmin
	      When used	with +ns, this option enables QNAME minimization mode.
	      Valid options of MODE are	relaxed	and strict. By default,	 QNAME
	      minimization  is	disabled.   If	+qmin is specified but MODE is
	      omitted, then relaxed mode will be used.

       +ttl, +nottl
	      This option controls whether to display the TTL when printing  a
	      record. The default is to	display	the TTL.

       +rtrace,	+nortrace
	      This  option  toggles  resolver  fetch logging. This reports the
	      name and type of each query sent by delv in the process of  car-
	      rying  out  the resolution and validation	process, including the
	      original query and all subsequent	queries	to follow  CNAMEs  and
	      to establish a chain of trust for	DNSSEC validation.

	      This  is	equivalent to setting the debug	level to 1 in the "re-
	      solver" logging category.	Setting	the systemwide debug level  to
	      1	 using	the  -d	 option	 produces the same output, but affects
	      other logging categories as well.

       +mtrace,	+nomtrace
	      This option toggles logging of messages received.	This  produces
	      a	detailed dump of the responses received	by delv	in the process
	      of carrying out the resolution and validation process.

	      This  is	equivalent  to	setting	 the debug level to 10 for the
	      "packets"	module of the "resolver" logging category. Setting the
	      systemwide debug level to	10 using the -d	 option	 produces  the
	      same output, but affects other logging categories	as well.

       +strace,	+nostrace
	      This  option  toggles  logging of	messages sent. This produces a
	      detailed dump of the queries sent	by delv	in the process of car-
	      rying out	the resolution and validation process. Turning on this
	      option also activates +mtrace.

	      This is equivalent to setting the	debug  level  to  11  for  the
	      "packets"	module of the "resolver" logging category. Setting the
	      systemwide  debug	 level	to 11 using the	-d option produces the
	      same output, but affects other logging categories	as well.

       +vtrace,	+novtrace
	      This option toggles validation logging. This shows the  internal
	      process  of  the validator as it determines whether an answer is
	      validly signed, unsigned,	or invalid.

	      This is equivalent to setting the	debug level to 3 for the "val-
	      idator" module of	the "dnssec"  logging  category.  Setting  the
	      systemwide  debug	 level	to  3 using the	-d option produces the
	      same output, but affects other logging categories	as well.

       +short, +noshort
	      This option toggles between verbose and terse answers.  The  de-
	      fault is to print	the answer in a	verbose	form.

       +comments, +nocomments
	      This  option toggles the display of comment lines	in the output.
	      The default is to	print comments.

       +rrcomments, +norrcomments
	      This option toggles the display of per-record  comments  in  the
	      output (for example, human-readable key information about	DNSKEY
	      records).	The default is to print	per-record comments.

       +crypto,	+nocrypto
	      This  option  toggles  the  display  of  cryptographic fields in
	      DNSSEC records. The contents of these fields are unnecessary  to
	      debug most DNSSEC	validation failures and	removing them makes it
	      easier to	see the	common failures. The default is	to display the
	      fields.  When omitted, they are replaced by the string [omitted]
	      or, in the DNSKEY	case, the key ID is displayed as the  replace-
	      ment, e.g. [ key id = value ].

       +restarts
	      When name	server mode (delv +ns) is in use, this option sets the
	      maximum  number  of  CNAME  queries to follow before terminating
	      resolution.  This	prevents delv from hanging in the event	 of  a
	      CNAME loop.  The default is 11.

       +maxqueries
	      This  option  specifies the maximum number of queries to send to
	      resolve a	name before giving up. The default is 50.

       +maxtotalqueries
	      This option specifies the	maximum	number of queries to  send  to
	      resolve a	client request before giving up. The default is	200.

       +trust, +notrust
	      This  option  controls  whether  to display the trust level when
	      printing a record.  The default is to display the	trust level.

       +split[=W], +nosplit
	      This option splits long hex- or base64-formatted fields  in  re-
	      source  records  into chunks of W	characters (where W is rounded
	      up to the	nearest	multiple of 4).	+nosplit  or  +split=0	causes
	      fields  not to be	split at all. The default is 56	characters, or
	      44 characters when multiline mode	is active.

       +all, +noall
	      This option  sets	 or  clears  the  display  options  +comments,
	      +rrcomments, and +trust as a group.

       +multiline, +nomultiline
	      This  option prints long records (such as	RRSIG, DNSKEY, and SOA
	      records) in a verbose multi-line format with human-readable com-
	      ments. The default is to print each record on a single line,  to
	      facilitate machine parsing of the	delv output.

       +dnssec,	+nodnssec
	      This  option  indicates  whether to display RRSIG	records	in the
	      delv output. The default is to do so. Note that (unlike in dig)
	      this does not control whether to request
	      DNSSEC records or	to validate them. DNSSEC  records  are	always
	      requested, and validation	always occurs unless suppressed	by the
	      use of -i	or +noroot.

       +root[=ROOT], +noroot
	      This  option  indicates  whether	to perform conventional	DNSSEC
	      validation, and if so, specifies the name	of a trust anchor. The
	      default is to validate using a trust anchor  of  "."  (the  root
	      zone),  for  which there is a built-in key. If specifying	a dif-
	      ferent trust anchor, then	-a must	be used	to specify a file con-
	      taining the key.

       +tcp, +notcp
	      This option controls whether to use TCP  when  sending  queries.
	      The  default  is to use UDP unless a truncated response has been
	      received.

       +unknownformat, +nounknownformat
	      This option prints all RDATA in unknown RR-type presentation
	      format (RFC 3597
	      <https://datatracker.ietf.org/doc/html/rfc3597.html>). The
	      default is to print RDATA for known types in the type's
	      presentation format.

       +yaml, +noyaml
	      This option prints response data in YAML format.
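
       The trust-level line that +trust prints ahead of each group of records
       (see also DESCRIPTION: records are either fully validated or were not
       signed) can be reduced to one verdict for scripts and monitoring. This
       is an added example, not part of the BIND 9 distribution: the function
       names and sample outputs are constructed, and the marker strings it
       matches are assumed to be those delv prints with +trust at its default.

```shell
#!/bin/sh
# Added example. Reads delv output on stdin, prints one verdict word:
#   secure    every trust-level line reads "fully validated"
#   insecure  at least one RRset came back as "unsigned answer"
#   unchecked validation was off (-i / +noroot): "answer not validated"
#   failed    delv logged ";; resolution failed"
#   unknown   no trust-level line seen (e.g. +notrust was used)
classify_delv() {
    awk '
        /^;; resolution failed/                          { failed = 1 }
        /^; (negative response, )?fully validated$/      { secure = 1 }
        /^; (negative response, )?unsigned answer$/      { insecure = 1 }
        /^; (negative response, )?answer not validated$/ { unchecked = 1 }
        END {
            if (failed)         print "failed"
            else if (unchecked) print "unchecked"
            else if (insecure)  print "insecure"
            else if (secure)    print "secure"
            else                print "unknown"
        }'
}

# Live use: failure messages are logged on stderr, so merge it into the pipe.
check_name() { delv +nocrypto "$@" 2>&1 | classify_delv; }

# Constructed sample outputs (documentation names and addresses only).
sample_secure() { cat <<'EOF'
; fully validated
example.org.	3600	IN	A	192.0.2.10
example.org.	3600	IN	RRSIG	A 13 2 3600 20260601000000 20260501000000 12345 example.org. [omitted]
EOF
}
sample_mixed() { cat <<'EOF'
; fully validated
www.example.org.	300	IN	CNAME	host.example.net.
www.example.org.	300	IN	RRSIG	CNAME 13 3 300 20260601000000 20260501000000 12345 example.org. [omitted]

; unsigned answer
host.example.net.	300	IN	A	198.51.100.7
EOF
}
sample_failed() { cat <<'EOF'
;; resolution failed: SERVFAIL
EOF
}

for s in sample_secure sample_mixed sample_failed; do
    printf '%s: %s\n' "$s" "$($s | classify_delv)"
done
```

       A signed CNAME that leads into an unsigned zone is reported as
       insecure, because the final address record carries no signature even
       though the first hop validated.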

FILES
       /etc/resolv.conf

SEE ALSO
       dig(1), named(8), RFC 4034
       <https://datatracker.ietf.org/doc/html/rfc4034.html>, RFC 4035
       <https://datatracker.ietf.org/doc/html/rfc4035.html>, RFC 4431
       <https://datatracker.ietf.org/doc/html/rfc4431.html>, RFC 5074
       <https://datatracker.ietf.org/doc/html/rfc5074.html>, RFC 5155
       <https://datatracker.ietf.org/doc/html/rfc5155.html>.

Author
       Internet	Systems	Consortium

Copyright
       2026, Internet Systems Consortium

9.20.23				  2026-05-08			       DELV(1)
