本文章內容:
1. dig
2. host
3. nslookup
環境:
# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
# ip a | grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.128.175/24 brd 192.168.128.255 scope global noprefixroute dynamic ens33
1. dig
1.1 語法
a. 正向解析:dig [-t RR_TYPE] name [@server] [query options]
● -t:指明資源記錄類型RR_TYPE
● name:指明要解析的FQDN
● @server:指名要通過哪一個DNS伺服器來解析
● query options:使用其它的查詢選項,可以寫在後面也可以寫在前面。常用的選項:
■ +[no]trace:[不]跟蹤解析過程
■ +[no]recurse:[不]遞歸解析
b.反向解析:dig -x IP
c. 模擬完全區域傳送:dig -t axfr DOMAIN [@server]
1.2 範例
1.2.1 查詢www.baidu.com的A記錄
# dig -t A www.baidu.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> -t A www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27543
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION: #詢問的問題
;www.baidu.com. IN A
;; ANSWER SECTION: #答案段
www.baidu.com. 1200 IN CNAME www.a.shifen.com.
www.a.shifen.com. 300 IN CNAME www.wshifen.com.
www.wshifen.com. 300 IN A 103.235.46.39
;; AUTHORITY SECTION: #權威段
wshifen.com. 1200 IN NS ns4.wshifen.com.
wshifen.com. 1200 IN NS ns3.wshifen.com.
;; ADDITIONAL SECTION: #額外段
ns3.wshifen.com. 172800 IN A 180.76.8.250
ns4.wshifen.com. 172800 IN A 180.76.9.250
;; Query time: 2978 msec #查詢時間
;; SERVER: 192.168.128.175#53(192.168.128.175) #由哪個DNS伺服器查詢的
;; WHEN: Sun Aug 16 02:47:05 EDT 2020 #何時查詢的
;; MSG SIZE rcvd: 179
1.2.2 跟蹤解析過程查詢www.baidu.com的A記錄
# dig +trace -t A www.baidu.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> +trace -t A www.baidu.com
;; global options: +cmd
. 499284 IN NS h.root-servers.net.
. 499284 IN NS d.root-servers.net.
. 499284 IN NS l.root-servers.net.
. 499284 IN NS c.root-servers.net.
. 499284 IN NS e.root-servers.net.
. 499284 IN NS a.root-servers.net.
. 499284 IN NS k.root-servers.net.
. 499284 IN NS f.root-servers.net.
. 499284 IN NS j.root-servers.net.
. 499284 IN NS m.root-servers.net.
. 499284 IN NS b.root-servers.net.
. 499284 IN NS i.root-servers.net.
. 499284 IN NS g.root-servers.net.
;; Received 811 bytes from 192.168.128.175#53(192.168.128.175) in 0 ms #第一步找根
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20200829050000 20200816040000 46594 . AESA72PiKTThiKUkNvo5SRdmYRpyFxR468dVvlls6iIO1fdIg7GZfmNs 5j2ua6y1ybv45XVKY3G3KPCBCygQPSituzeKntIui3XldrX1Na1KiV40 P8afAKkjx3Mdrse7cSIjJgecydM919J7R5CDTiK3U+U3bGr1UB5/M4wl MnTY1XyT3HmRILLNVFyOo3Vi4VkYpsz0q31D+TN71SW/12zP2ydX1ekU jS3entDSAfbYwlBF/1+NOgmzpZQMhP0ZHcEHV2L//PGWFeQnyzgo17wa Q0Jywk2xDNutXaAgBdWOm/l4zDp+7+nr+hpJgf+sX432vDJoQX4Wbi04 a9vTOw==
;; Received 1173 bytes from 199.7.83.42#53(l.root-servers.net) in 24 ms #第二步找頂級域com.
baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns1.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200821044108 20200814033108 24966 com. srYejJGDaS8biq7gkT/98eyupbGi8WF+qmwRzKxzffnvWEc1T6kRMwnw B1k/VOtM95cdlXl2MlcnIGMXnyfcSsORiGJeZSVLwAdRQFcZrM+dNjP8 7DrVau2QDGqwz3t+31u5vOZPtmvbKFJwsfAqQySxmAnWD4ngCP+XJxBT GQjabcmDws6N/3pLXuuqN77u4OURSX/b0XWUIEv8CDVPWQ==
HPVUBGFGRLPQTHPKEA9HT5B4FJOQFLG8.com. 86400 IN NSEC3 1 1 0 - HPVVN3Q5E5GOQP2QFE2LEM4SVB9C0SJ6 NS DS RRSIG
HPVUBGFGRLPQTHPKEA9HT5B4FJOQFLG8.com. 86400 IN RRSIG NSEC3 8 2 86400 20200823061219 20200816050219 24966 com. lWhzZ4bMx5wxDKJ5QVIp3Q5pxsFEdkldF7nMOqF1dssb5JZEXeBF48ph 6+lzUrnt25jwBIKBI3We4On21jSBERI78PKNhXvoAofoOX5myjT3F6mJ Q1LGoQowg5bCXmVYVX+jtgJVUmiqJFrIODH03UMr66FyL85X+Rqx0WT4 XOP8eBe6YPclzUlSGPQgtXgwQVO+3DoGsz07TVUMZc7pUQ==
;; Received 761 bytes from 192.48.79.30#53(j.gtld-servers.net) in 159 ms #第三步找二級域baidu.com.
www.baidu.com. 1200 IN CNAME www.a.shifen.com. #找到www.baidu.com.主機
a.shifen.com. 1200 IN NS ns2.a.shifen.com.
a.shifen.com. 1200 IN NS ns1.a.shifen.com.
a.shifen.com. 1200 IN NS ns3.a.shifen.com.
a.shifen.com. 1200 IN NS ns4.a.shifen.com.
a.shifen.com. 1200 IN NS ns5.a.shifen.com.
;; Received 239 bytes from 112.80.248.64#53(ns3.baidu.com) in 47 ms #第四步找三級域a.shifen.com.就查詢到了www.baidu.com主機的A記錄
1.2.3 查詢168.95.1.1的反向解析
# dig -x 168.95.1.1
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> -x 168.95.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6870
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.95.168.in-addr.arpa. IN PTR
;; ANSWER SECTION: #答案段
1.1.95.168.in-addr.arpa. 86400 IN PTR dns.hinet.net.
;; AUTHORITY SECTION:
95.168.in-addr.arpa. 172800 IN NS ans2.hinet.net.
95.168.in-addr.arpa. 172800 IN NS ans1.hinet.net.
;; ADDITIONAL SECTION:
ans1.hinet.net. 86400 IN A 168.95.192.15
ans2.hinet.net. 86400 IN A 168.95.1.15
ans1.hinet.net. 86400 IN AAAA 2001:b000:168::1:100:1
ans2.hinet.net. 86400 IN AAAA 2001:b000:168::2:100:1
;; Query time: 940 msec
;; SERVER: 192.168.128.175#53(192.168.128.175)
;; WHEN: Sun Aug 16 07:37:13 EDT 2020
;; MSG SIZE rcvd: 205
#提示:有正向解析不一定有反向解析
2. host
2.1 語法
a. 正向解析:host [-t RR_TYPE] name [server]
● -t:指明資源記錄類型RR_TYPE
● name:指明要解析的FQDN
● @server:指名要通過哪一個DNS伺服器來解析
b. 反向解析:host -t PTR IP
2.2 範例
2.2.1 查詢www.baidu.com的A記錄
[root@localhost ~]# host www.baidu.com #預設查詢A記錄,所以不用使用-t A
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com is an alias for www.wshifen.com.
www.wshifen.com has address 103.235.46.39
2.2.2 查詢baidu.com域的NS記錄
# host -t NS baidu.com
baidu.com name server ns4.baidu.com.
baidu.com name server ns2.baidu.com.
baidu.com name server ns7.baidu.com.
baidu.com name server ns3.baidu.com.
baidu.com name server dns.baidu.com.
2.2.3 查詢baidu.com域的MX記錄
# host -t MX baidu.com
baidu.com mail is handled by 20 mx50.baidu.com.
baidu.com mail is handled by 15 mx.n.shifen.com.
baidu.com mail is handled by 20 jpmx.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
baidu.com mail is handled by 10 mx.maillb.baidu.com.
2.2.4 查詢168.95.1.1的反向解析
# host -t PTR 168.95.1.1
1.1.95.168.in-addr.arpa domain name pointer dns.hinet.net.
3. nslookup
有兩種使用模式:(1) 命令模式,(2) 交互模式
3.1 語法
nslookup [-options] [name] [server]
● [name]:指明要解析的FQDN,若使用命令模式則要寫,若使用交互模式則不用寫
● [server]:指名要通過哪一個DNS伺服器來解析
3.2 範例
3.2.1 命令模式
3.2.1.1 查詢www.baidu.com的A記錄
# nslookup www.baidu.com
Server: 192.168.128.175 #哪個DNS伺服器查詢的
Address: 192.168.128.175#53 #查詢DNS伺服器的IP及PORT
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com. #www.baidu.com是www.a.shifen.com.的別名
www.a.shifen.com canonical name = www.wshifen.com. #www.a.shifen.com是www.wshifenc.om.的別名
Name: www.wshifen.com
Address: 103.235.46.39 #最終查詢到www.wshifen.com主機的IP
3.2.2 交互模式
3.2.2.1 查詢www.baidu.com的A記錄
# nslookup
> server 192.168.128.175 #指明要使用哪個DNS伺服器進行查詢,如果不指明的話則使用本機設定的
Default server: 192.168.128.175
Address: 192.168.128.175#53
> set q=A #指明要查詢的資源記錄類型
> www.baidu.com #輸入要查詢的FQDN
Server: 192.168.128.175
Address: 192.168.128.175#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
www.a.shifen.com canonical name = www.wshifen.com.
Name: www.wshifen.com
Address: 103.235.46.39
> #可以繼續輸入要查詢的FQDN,輸入exit則退出