DNS Command-Line Tool Usage Examples

1 Querying DNS with the dig command

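dig (Domain Information Groper) is similar to nslookup: a command-line administration tool for DNS queries. It is very useful when verifying and troubleshooting DNS problems. dig is part of the BIND server software suite. The dig command can replace the older nslookup and host commands and is included in most Linux distributions.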

1.1 Querying a domain's A record

Note that the command must be run with root privileges; otherwise the displayed result is incomplete.

root@dev01:~# dig yahoo.com

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37215
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 1280
;; QUESTION SECTION:
;yahoo.com.			IN	A

;; ANSWER SECTION:
yahoo.com.		5	IN	A	74.6.143.25
yahoo.com.		5	IN	A	74.6.231.21
yahoo.com.		5	IN	A	98.137.11.163
yahoo.com.		5	IN	A	74.6.143.26
yahoo.com.		5	IN	A	74.6.231.20
yahoo.com.		5	IN	A	98.137.11.164

;; Query time: 3 msec
;; SERVER: 192.168.254.2#53(192.168.254.2)
;; WHEN: 二 3月 23 13:57:04 CST 2021
;; MSG SIZE  rcvd: 134

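The command above uses dig to look up the A record of the domain yahoo.com. dig reads the /etc/resolv.conf file and queries the DNS servers listed in it. What dig displays is the response returned by the DNS server.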

Next, an explanation of the command's output:
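As an added example (not part of the original page), the shell functions below read dig output and report the status, flags and answer count of each response, so that a FORMERR or an empty answer section is not overlooked. The names dig_header and dig_ok are hypothetical, and the sample text is constructed from header lines in the dig outputs on this page.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): summarise dig response headers.
# dig_header and dig_ok are hypothetical helper names; the sample text below is
# constructed from header lines in this page's dig output.

SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37215
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1'

# Two responses in one run, as in the "dig yahoo.com ttl" output.
SAMPLE_TWO=';; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 42523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47893
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0'

# Read dig output on stdin; print one "status=... flags=... answers=..." line
# per response found.
dig_header() {
  awk '
    /->>HEADER<<-/ {
      status = "?"
      for (i = 1; i < NF; i++)
        if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
    }
    /^;; flags:/ {
      line = $0; sub(/^;; flags: */, "", line)
      flags = line; sub(/;.*/, "", flags); gsub(/ /, ",", flags)
      answers = line; sub(/.*ANSWER: */, "", answers); sub(/,.*/, "", answers)
      printf "status=%s flags=%s answers=%s\n", status, flags, answers
    }'
}

# Succeed only if every response is NOERROR and carries at least one answer.
dig_ok() {
  dig_header | awk '
    { n++ }
    $1 != "status=NOERROR" || $3 == "answers=0" { bad = 1 }
    END { if (n == 0 || bad) exit 1 }'
}

printf '%s\n' "$SAMPLE_OK"  | dig_header
printf '%s\n' "$SAMPLE_TWO" | dig_header
```

With live output the same check is a pipeline, for example `dig yahoo.com mx | dig_ok`, whose exit status is non-zero for any response that is not NOERROR or has ANSWER: 0.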

1.2 Querying A records with +short

By default dig produces a lot of output. One way to reduce it is the +short option.

root@dev01:~# dig yahoo.com +short
74.6.231.20
98.137.11.164
74.6.143.25
74.6.231.21
98.137.11.163
74.6.143.26

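NOTE: By default dig queries the A record of the given domain, but other records can be specified. The MX (Mail eXchange) record tells you the mail servers and how mail is routed. Other examples include TTL, SOA, and so on.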

1.3 Querying a domain's MX records

root@dev01:~# dig yahoo.com mx

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> yahoo.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 51267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 4096
; COOKIE: a5117cf073d6a63f (echoed)
;; QUESTION SECTION:
;yahoo.com.			IN	MX

;; Query time: 10 msec
;; SERVER: 192.168.254.2#53(192.168.254.2)
;; WHEN: 二 3月 23 14:13:04 CST 2021
;; MSG SIZE  rcvd: 50

1.4 Querying the SOA record

root@dev01:~# dig yahoo.com soa

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> yahoo.com soa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 13046
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 4096
; COOKIE: 56c24c94b8b16b5f (echoed)
;; QUESTION SECTION:
;yahoo.com.			IN	SOA

;; Query time: 11 msec
;; SERVER: 192.168.254.2#53(192.168.254.2)
;; WHEN: 二 3月 23 14:13:44 CST 2021
;; MSG SIZE  rcvd: 50

1.5 Querying the TTL

root@dev01:~# dig yahoo.com ttl

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> yahoo.com ttl
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 42523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 4096
; COOKIE: ba90b71a96e11a2b (echoed)
;; QUESTION SECTION:
;yahoo.com.			IN	A

;; Query time: 21 msec
;; SERVER: 192.168.254.2#53(192.168.254.2)
;; WHEN: 二 3月 23 14:14:49 CST 2021
;; MSG SIZE  rcvd: 50

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47893
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ttl.				IN	A

;; Query time: 5 msec
;; SERVER: 192.168.254.2#53(192.168.254.2)
;; WHEN: 二 3月 23 14:14:49 CST 2021
;; MSG SIZE  rcvd: 21

1.6 Showing only the answer section

root@dev01:~# dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats

1.7 Querying all DNS record types

dig yahoo.com ANY +noall +answer

1.8 Reverse DNS lookup

root@dev01:~# dig -x 74.6.231.21 +short
media-router-fp74.prod.media.vip.ne1.yahoo.com.

1.9 Querying multiple DNS records

Specify MX and NS to query several DNS records for sites in a single command.

root@dev01:~# dig yahoo.com mx +noall +answer redhat.com ns +noall +answer

You can create a .digrc file in the $HOME directory to store default options for dig.

2 nslookup

nslookup can be used to query DNS resource records (RR). It can run in two modes: interactive and non-interactive.

2.1 Looking up a domain's A record (IP address)

root@dev01:~# nslookup yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70

The command above uses the public DNS server 4.2.2.2 to look up the domain www.yahoo.com; the Non-authoritative answer section shows the A records of www.yahoo.com.

2.2 Reverse DNS lookup

# nslookup 209.191.122.70

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
70.122.191.209.in-addr.arpa     name = ir1.fp.vip.mud.yahoo.com.

Authoritative answers can be found from:

2.3 Looking up a specific domain name

# nslookup ir1.fp.vip.mud.yahoo.com.

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
Name:   ir1.fp.vip.mud.yahoo.com
Address: 209.191.122.70

2.4 MX (Mail Exchange) record lookup

# nslookup -query=mx www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827307
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

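An MX record maps a domain name to the list of mail servers for that domain. It tells us that any mail sent to or received at @yahoo.com is routed to those mail servers.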

2.5 Querying NS (name server) records

# nslookup -query=ns www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827782
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

2.6 Querying the SOA (Start of Authority) record

# nslookup -type=soa www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827965
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

2.7 Querying all DNS records

# nslookup -query=any yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
yahoo.com
        origin = ns1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 2012081016
        refresh = 3600
        retry = 300
        expire = 1814400
        minimum = 600
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70
Name:   yahoo.com
Address: 72.30.38.140
yahoo.com       mail exchanger = 1 mta7.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta5.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta6.am0.yahoodns.net.
yahoo.com       nameserver = ns3.yahoo.com.
yahoo.com       nameserver = ns4.yahoo.com.
yahoo.com       nameserver = ns2.yahoo.com.
yahoo.com       nameserver = ns8.yahoo.com.
yahoo.com       nameserver = ns1.yahoo.com.
yahoo.com       nameserver = ns6.yahoo.com.
yahoo.com       nameserver = ns5.yahoo.com.

Authoritative answers can be found from:

2.8 Debug mode

Debug mode prints more information, such as the TTL.

# nslookup -debug yahoo.com

> set debug
> yahoo.com
Server:         4.2.2.2
Address:        4.2.2.2#53

------------
    QUESTIONS:
        yahoo.com, type = A, class = IN
    ANSWERS:
    ->  yahoo.com
        internet address = 72.30.38.140
        ttl = 1523
    ->  yahoo.com
        internet address = 98.139.183.24
        ttl = 1523
    ->  yahoo.com
        internet address = 209.191.122.70
        ttl = 1523
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70