背景
最近在进行 dns 调试(比如开发了一个 dns 的 server,就需要调试dns 解析是否符合预期)的时候接触了一些基本工具.此处做个笔记,备查.
DNS类型
比较常用的是A
和CNAME
A:查看主机的IPv4地址
AAAA:查看主机的IPv6地址
ANY:查看关于主机域的所有信息
CNAME:查找与别名对应的正式名字
HINFO:查找主机的CPU与操作系统类型
MINFO:查找邮箱信息
MX:查找邮件交换信息
NS:查找主机域的域名服务器
PTR:查找与给定IP地址匹配的主机名
RP:查找域负责人记录
SOA:查找域内的SOA地址
UINFO:查找用户信息
工具
nslookup
nslookup命令,是Linux里非常常用的网络命令,简而言之就是“查DNS信息用的”,如果没有此命令,通过yum install bind-utils
进行安装.
nslookup是一个能够查询互联网域名服务器信息的程序。他有两种工作模式,即“交互模式”和“非交互模式”。
在“交互模式”下,用户可以向域名服务器查询各类主机、域名的信息,或者输出域名中的主机列表。
而在“非交互模式”下,用户可以针对一个主机或域名仅仅获取特定的名称或所需信息。
简单说下非交互模式
正常情况
~ nslookup www.baidu.com 8.8.8.8 -port=53
Server: 8.8.8.8 //dns server
Address: 8.8.8.8#53 //server+port
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com. // 别名
Name: www.a.shifen.com
Address: 180.97.33.107 //地址
Name: www.a.shifen.com
Address: 180.97.33.108
错误情况
~ nslookup www.baidu.com1 8.8.8.8 -port=53
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find www.baidu.com1: NXDOMAIN
交互模式功能更加强大.
dig
dig 全称Domain Information Groper
,传言此工具非常强大.
废话不多说,直接上个例子,查询www.baidu.com
在8.8.8.8
服务器的53
端口解析结果,当然如果要制定端口,增加-p 53
或者你的端口即可.
正常结果
~ dig @8.8.8.8 www.baidu.com A
; <<>> DiG 9.10.6 <<>> @8.8.8.8 www.baidu.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12823
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 80 IN CNAME www.a.shifen.com.
www.a.shifen.com. 112 IN A 180.97.33.108
www.a.shifen.com. 112 IN A 180.97.33.107
;; Query time: 58 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon May 07 23:14:21 CST 2018
;; MSG SIZE rcvd: 101
错误结果
~ dig @8.8.8.8 www.baidu.com1 A
; <<>> DiG 9.10.6 <<>> @8.8.8.8 www.baidu.com1 A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44290
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.baidu.com1. IN A
;; AUTHORITY SECTION:
. 86392 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2018050700 1800 900 604800 86400
;; Query time: 49 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon May 07 23:16:30 CST 2018
;; MSG SIZE rcvd: 118
从命令的返回结果看,dig
返回的信息更加丰富,调试中需要的可能还有+trace
选项,用于追踪 dns 解析的全过程.比如
~ dig +trace @8.8.8.8 www.baidu.com A
; <<>> DiG 9.10.6 <<>> +trace @8.8.8.8 www.baidu.com A
; (1 server found)
;; global options: +cmd
. 243623 IN NS e.root-servers.net.
. 243623 IN NS h.root-servers.net.
. 243623 IN NS l.root-servers.net.
. 243623 IN NS i.root-servers.net.
. 243623 IN NS a.root-servers.net.
. 243623 IN NS d.root-servers.net.
. 243623 IN NS c.root-servers.net.
. 243623 IN NS b.root-servers.net.
. 243623 IN NS j.root-servers.net.
. 243623 IN NS k.root-servers.net.
. 243623 IN NS g.root-servers.net.
. 243623 IN NS m.root-servers.net.
. 243623 IN NS f.root-servers.net.
. 243623 IN RRSIG NS 8 0 518400 20180518170000 20180505160000 39570 . NEoKyFHHEdXvMg1bip/9XeAQhV22bQa04O5tUH/g2SN/9AcYb0vbkLP/ 1ur6HNU8K57rUWZl94Zmbh7NA4gGQ7SarA9OvG9wz4YrdLkWEV9Up+JI JvvH9d+IlFQdlsV9XGwZ9xJRAnz2KflsOlFO8/vbRIQyLSJXANaNp/NV KYkOaWgjghVzN8x5qbsErU9P5G/UUQ6BZdis03rGLOMkchRggV9y7+/G 5JlPtyXoNBczvDS5j29yTV0F3P3Tf5cmtiK2DfwD4Lk6thTymBcf7qfL Ga9amC4QdfvDUhXVzPOFTARvST7yzIDCqwqbuW8s7imw2Z23Q2TqTqwq 6RDhbQ==
;; Received 525 bytes from 8.8.8.8#53(8.8.8.8) in 53 ms
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20180520050000 20180507040000 39570 . GiCsdUG5kyf5edT12Gdr/DT6dNUqILHfdqZ2t1vS0VY8YErVjoXRwNlr SoufI39JoZ6ChuMA3wLCo+Q9uTtRoqDKHKJU8MS7MXWyhitbQeL1cdSW insHZZVMltOH4lblQgSSPm4rte4fW+4J9lissWSPNW4d1JnHTTVtDPo+ A6jx6aYpapREv69eE89CfZ8lWBxyr788PDLw/bpwQYX5FuwzpmVZeRCQ G5j/ujt2wGn1NGs/EX3cOXpX4+0RS6fTo4YhTDZ2IIOoMg3ISz55w8Ai FczfOxxW35Gy6dhf6pV1VX943AepsYTUHjDVnK6aHTiwUcrShBtvDmXb Otk2Vg==
;; Received 1173 bytes from 193.0.14.129#53(k.root-servers.net) in 222 ms
baidu.com. 172800 IN NS dns.baidu.com.
baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20180512044510 20180505033510 36707 com. ojEZ8Iv1J7vE5QEfjJM1YQSdFLvHhVqppd6HA3cZDZff+TdX5YSsNPf1 gVepdTn0W03LMHSmQhtZJKWE7TzTpQfJUF+UZz/Nj8CPOvRJ+hdDfoPw CIAg5ZVfzfYNSrdsOGFbkxGQ6drlE/Os5tnTcQnrDJktwBilZcohoAkn ioY=
HPVV2B5N85O7HJJRB7690IB5UVF9O9UA.com. 86400 IN NSEC3 1 1 0 - HPVVP23QUO0FP9R0A04URSICJPESKO9J NS DS RRSIG
HPVV2B5N85O7HJJRB7690IB5UVF9O9UA.com. 86400 IN RRSIG NSEC3 8 2 86400 20180514043320 20180507032320 36707 com. LkMylF9BfM38jxtdq02EKZMU5fb3BMrs5vnJl94V1eJOKXTPdJxxpU91 sSnDBhA1FXzeMFEN4yVkUu3mYXmsJ42FHShqoKkvpueRnB0ympU83Tb8 8iVA2FLX8M6227JZLss5TEqgW8maqAxLb5/ly8lQs5zPk2WY7c5UdqdV 1BQ=
;; Received 697 bytes from 192.52.178.30#53(k.gtld-servers.net) in 317 ms
www.baidu.com. 1200 IN CNAME www.a.shifen.com.
a.shifen.com. 1200 IN NS ns2.a.shifen.com.
a.shifen.com. 1200 IN NS ns4.a.shifen.com.
a.shifen.com. 1200 IN NS ns1.a.shifen.com.
a.shifen.com. 1200 IN NS ns3.a.shifen.com.
a.shifen.com. 1200 IN NS ns5.a.shifen.com.
;; Received 239 bytes from 220.181.38.10#53(ns4.baidu.com) in 54 ms
简化输出
dig 普通的输出内容比较多,不便于查看,提供了几个简化的命令输出
+nocmd
+short
+nocomment
+nostat
网友评论