1. dig

dig是一个实用的DNS查询工具,

dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems

dig命令使用语法如下:

dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-v] [-x addr] [-y [hmac:]name:key] [[-4] | [-6]] [name] [type] [class] [queryopt...]

dig [-h]

dig [global-queryopt...] [query...]

(1)常见的用法

dig @server name type
  • @server,DNS域名服务器,如果没有指定,则从/etc/resolv.conf文件指定的nameserver中查询
  • name,要查询的域名
  • type,DNS记录类型,如ANY, A, MX, SIG

(2)简单实例

# dig baidu.com

; <<>> DiG 9.16.1-Ubuntu <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18970
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;baidu.com.                     IN      A

;; ANSWER SECTION:
baidu.com.              525     IN      A       110.242.68.66
baidu.com.              525     IN      A       39.156.66.10

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: 二 4月 04 18:05:33 CST 2023
;; MSG SIZE  rcvd: 70

包含5部分内容:

  • 前两行,Dig版本,输入参数
  • Got answer下面两行,是DNS响应报文的首部区域
  • 问题区域
  • 回答区域,525表示生存时间TTL,单位为秒
  • 本次查询的一些信息,查询时间,使用的DNS服务器等

(3)反向查询

# dig -x 8.8.8.8 +short
dns.google.

参数+short控制输出,简洁输出。

(4)跟踪过程

在查询时加上参数+trace

# dig +trace @8.8.8.8 baidu.com

; <<>> DiG 9.16.1-Ubuntu <<>> +trace @8.8.8.8 baidu.com
; (1 server found)
;; global options: +cmd
.                       67229   IN      NS      h.root-servers.net.
.                       67229   IN      NS      b.root-servers.net.
.                       67229   IN      NS      k.root-servers.net.
.                       67229   IN      NS      m.root-servers.net.
.                       67229   IN      NS      c.root-servers.net.
.                       67229   IN      NS      a.root-servers.net.
.                       67229   IN      NS      f.root-servers.net.
.                       67229   IN      NS      j.root-servers.net.
.                       67229   IN      NS      d.root-servers.net.
.                       67229   IN      NS      i.root-servers.net.
.                       67229   IN      NS      g.root-servers.net.
.                       67229   IN      NS      e.root-servers.net.
.                       67229   IN      NS      l.root-servers.net.
.                       67229   IN      RRSIG   NS 8 0 518400 20230416170000 20230403160000 60955 . hj9gK83RWBmQTmc+RymB2R8ku81+TA9iKY680btiUlh7EjXa/yLH3eH7 b6EbLqvAM83He8+9YEa+4+6ymLYCAn1CpwwyjD8h52zTRB++zUmUAxhU OqqQbJ0eYPpjpqEJFboXi/Ccw/qYlhqfkt+qNfFYmXkVbafgJkyM9sfu vHPsWWvSd7fDNd+9Xb4qJk583s8EET1zaySZ6OO+qSwCy/LoiAmp4Pjd W+tld7726MBu+qwox7AFD+D5+T/ZIq3zj8jEuwHzf+x5pq25TVfBoLhe +JDdgv7PKlImXhlZc/goShg1GyGaixjV3rmfowisoBm8QIbhVHHUbvFa db0hFg==
;; Received 525 bytes from 8.8.8.8#53(8.8.8.8) in 8 ms

com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20230417050000 20230404040000 60955 . YK8GB0+pwNsrXGYh0G9gGpjg1j9vkfHZo00muQgAm8JFPfj7+7S8hGpg xfzRcVnujAAWIslvu8UlYGfr1TN1e2SrzJ65j3rrHp+X3Qj1moD6v94U x9tvt47x1h5BxIz6WNCtvQAnt2uCvEseYBAD3aigULCmYyQ5FFlp1W0B CFeqjU/0/ShwpIqsTfuSpKYR5Y3l0TVk78OkGGg5rm5Rl4jSg/Umd136 dUCPhgOa3pR7Qudw24SJaWRWOwhFHjW/PjBsywvowyAaBdyHYNA67Adi wfWPRpNcqQIY0d7DmjXkmxUwS8TGcNH9J3VAQqSNtbJetpHVoQ4A0zVW g7zIgw==
;; Received 1197 bytes from 192.112.36.4#53(g.root-servers.net) in 268 ms

baidu.com.              172800  IN      NS      ns2.baidu.com.
baidu.com.              172800  IN      NS      ns3.baidu.com.
baidu.com.              172800  IN      NS      ns4.baidu.com.
baidu.com.              172800  IN      NS      ns1.baidu.com.
baidu.com.              172800  IN      NS      ns7.baidu.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20230408042249 20230401031249 36739 com. IFJyeiOcZBkgzG7GOY4qZPf4kekcKItClNXycgFuAjKBt4WIRWG63sJX bfnkOY6162zgB/AkbqgwrBeeWZy3HIUzq9xaow4zkpYgYsKpJvjEXo5V MdBw/JntXWVbym0a3uvxTanwep5C8XcCo/1euq/buIEjljfwQMnJO0wW GtKVH1vQcaDB2zAySyVfEkxTF3OFKbrVVpIlczy5/vuRtg==
HPVV0C47Q7CQMTAJM90K1FBFJBRP4B4D.com. 86400 IN NSEC3 1 1 0 - HPVVAN8CFKHHHMEIDVJHFNQEOI5G6C89 NS DS RRSIG
HPVV0C47Q7CQMTAJM90K1FBFJBRP4B4D.com. 86400 IN RRSIG NSEC3 8 2 86400 20230411060450 20230404045450 36739 com. Koli+FY7Kswa2ku6fPnWF3IPBLjqnv9/f2IR8vdjewY4oDWN8Wsj9WRq 3vriFQ2DuBislo1jXNI9jSI4oOemYulBojf65J8Talzvi5cpwn5qTklI AoJ2jtuOs0nZUrfBaC8Mud0tFOHXtkBZKDkiPOOYLdmdJobk6BWVCVan slzC7+M7MpG3tYix0QM4z07LZWUdId2VokKJbOUW3QMCrQ==
;; Received 845 bytes from 192.33.14.30#53(b.gtld-servers.net) in 100 ms

baidu.com.              600     IN      A       39.156.66.10
baidu.com.              600     IN      A       110.242.68.66
baidu.com.              86400   IN      NS      ns3.baidu.com.
baidu.com.              86400   IN      NS      dns.baidu.com.
baidu.com.              86400   IN      NS      ns7.baidu.com.
baidu.com.              86400   IN      NS      ns2.baidu.com.
baidu.com.              86400   IN      NS      ns4.baidu.com.
;; Received 356 bytes from 111.45.3.226#53(ns4.baidu.com) in 8 ms
  • DS记录保存了域 KSK公钥的哈希值
  • RRSIG是指Resource Record Signature,为了保证响应结果可信,诞生了DNSSEC(Domain Name System Security Extensions)技术。进一步了解见:DNSSEC 技术详解 | 初始化博客

2. nslookup

nslookup (name server lookup) - query Internet name servers interactively

nslookup [-option] [name | -] [server]

(1)权威应答与非权威应答区别

权威应答(authoritative answer)与 非权威应答(non-authoritative answer),前者表示结果是从权威域名服务器查询到的结果,后者则不是,比如来自于本地域名服务器的缓存。

举例,nslookup baidu.com得到的是非权威应答,这不奇怪,baidu.com在本地域名服务器有缓存。

root@ubuntu:~# nslookup baidu.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   baidu.com
Address: 39.156.66.10
Name:   baidu.com
Address: 110.242.68.66

现在,咱们让DNS请求报文发给权威域名服务器。首先,找出baidu.com的域名服务器,

root@ubuntu:~# host -t ns baidu.com
baidu.com name server ns3.baidu.com.
baidu.com name server ns7.baidu.com.
baidu.com name server dns.baidu.com.
baidu.com name server ns2.baidu.com.
baidu.com name server ns4.baidu.com.

再次发给查询,得到结果如下,可见,现在是权威回答了。

root@ubuntu:~# nslookup baidu.com ns3.baidu.com
Server:         ns3.baidu.com
Address:        36.152.45.193#53

Name:   baidu.com
Address: 110.242.68.66
Name:   baidu.com
Address: 39.156.66.10

3. host

host - DNS lookup utility

host [-aACdlnrsTUwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] [-m flag] [[-4] | [-6]] [-v] [-V] {name} [server]

(1)查看域名服务器

root@ubuntu:~# host -t ns google.com
google.com name server ns2.google.com.
google.com name server ns1.google.com.
google.com name server ns4.google.com.
google.com name server ns3.google.com.

root@ubuntu:~# host -t ns baidu.com
baidu.com name server ns3.baidu.com.
baidu.com name server ns7.baidu.com.
baidu.com name server dns.baidu.com.
baidu.com name server ns2.baidu.com.
baidu.com name server ns4.baidu.com.

root@ubuntu:~# host -t ns suqiankun.com
suqiankun.com name server zona.dnspod.net.
suqiankun.com name server quince.dnspod.net.

4. named

named是BIND 9的一个重要组件。

本文系Spark & Shine原创,转载需注明出处本文最近一次修改时间 2023-04-05 00:08

results matching ""

    No results matching ""