Dig挖出DNS秘密
dig(Domain Information Groper)类似nslookup,也是DNS查询工具。
一、最简单dig使用方法
$ dig ; <<>> DiG 9.8.3-P1 <<>> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61897 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 268800 IN NS k.root-servers.net. . 268800 IN NS g.root-servers.net. . 268800 IN NS e.root-servers.net. . 268800 IN NS m.root-servers.net. . 268800 IN NS j.root-servers.net. . 268800 IN NS b.root-servers.net. . 268800 IN NS l.root-servers.net. . 268800 IN NS d.root-servers.net. . 268800 IN NS a.root-servers.net. . 268800 IN NS i.root-servers.net. . 268800 IN NS h.root-servers.net. . 268800 IN NS f.root-servers.net. . 268800 IN NS c.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 459833 IN A 198.41.0.4 a.root-servers.net. 506943 IN AAAA 2001:503:ba3e::2:30 b.root-servers.net. 506943 IN A 192.228.79.201 b.root-servers.net. 506943 IN AAAA 2001:500:84::b c.root-servers.net. 506943 IN A 192.33.4.12 c.root-servers.net. 506943 IN AAAA 2001:500:2::c d.root-servers.net. 506943 IN A 199.7.91.13 d.root-servers.net. 506943 IN AAAA 2001:500:2d::d e.root-servers.net. 506943 IN A 192.203.230.10 f.root-servers.net. 506943 IN A 192.5.5.241 f.root-servers.net. 506943 IN AAAA 2001:500:2f::f g.root-servers.net. 506943 IN A 192.112.36.4 h.root-servers.net. 506943 IN A 198.97.190.53 ;; Query time: 1 msec ;; SERVER: 202.119.230.8#53(202.119.230.8) ;; WHEN: Thu Mar 31 12:24:27 2016 ;; MSG SIZE rcvd: 496
dig会向默认的上连DNS服务器查询“.”(根域)的NS记录。
二、dig加一个点
$ dig . ; <<>> DiG 9.8.3-P1 <<>> . ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39726 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;. IN A ;; AUTHORITY SECTION: . 8569 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2016033001 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 202.119.230.8#53(202.119.230.8) ;; WHEN: Thu Mar 31 12:26:25 2016 ;; MSG SIZE rcvd: 92
三、使用Google DNS查询baidu.com的A记录
$ dig @8.8.8.8 www.baidu.com A ; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 www.baidu.com A ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23814 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 536 IN CNAME www.a.shifen.com. www.a.shifen.com. 299 IN A 119.75.218.70 www.a.shifen.com. 299 IN A 119.75.217.109 ;; Query time: 371 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Thu Mar 31 12:27:57 2016 ;; MSG SIZE rcvd: 90
dig的基本命令格式:dig @dnsserver name querytype
如果你设置的dnsserver是一个域名,那么dig会首先通过默认的上连DNS服务器去查询对应的IP地址,然后再以设置的dnsserver为上连DNS服务器。
如果你没有设置@dnsserver,那么dig就会依次使用/etc/resolv.conf里的地址作为上连DNS服务器。
而对于querytype,如果你看过我上一篇有关nslookup命令的讲解,那么你应该对querytype有所了解,你可以设置A/AAAA/PTR/MX/ANY等值,默认是查询A记录。
四、一些常用选项
-c,设置协议类型(class),包括IN(默认)、CH和HS。
-f,支持从一个文件中读取内容进行批量查询。
-4和-6,用于设置使用哪种传输协议(IPv4/IPv6)进行查询。
-t,设置查询的类型,默认A。
-x,逆向查询选项,查询IP地址到域名的映射关系。
$ cat querylist //文件内容,共有两个域名需要查询 www.baidu.com www.sohu.com $ dig -f querylist -c IN -t A//设置-f参数开始批量查询 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> www.baidu.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> www.sohu.com ;; Got answer: ;; ->>HEADER<</code>
五、dig特有查询选项
1.TCP代替UDP
dig +tcp www.baidu.com ; <<>> DiG 9.8.3-P1 <<>> +tcp www.baidu.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65322 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 5, ADDITIONAL: 5
2.默认追加域
dig +domain=baidu.com image ; <<>> DiG 9.8.3-P1 <<>> +domain=baidu.com image ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26514 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 5, ADDITIONAL: 5
3.跟踪dig全过程
$ dig +trace ww.baidu.com ; <<>> DiG 9.8.3-P1 <<>> +trace ww.baidu.com ;; global options: +cmd . 267154 IN NS d.root-servers.net. . 267154 IN NS h.root-servers.net. . 267154 IN NS e.root-servers.net. . 267154 IN NS i.root-servers.net. . 267154 IN NS b.root-servers.net. . 267154 IN NS k.root-servers.net. . 267154 IN NS m.root-servers.net. . 267154 IN NS g.root-servers.net. . 267154 IN NS f.root-servers.net. . 267154 IN NS a.root-servers.net. . 267154 IN NS c.root-servers.net. . 267154 IN NS l.root-servers.net. . 267154 IN NS j.root-servers.net. ;; Received 496 bytes from 202.119.230.8#53(202.119.230.8) in 4 ms //从本地DNS查找到根域DNS列表 com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. ;; Received 490 bytes from 2001:7fd::1#53(2001:7fd::1) in 10233 ms //选择了b.root-servers.net这台根域DNS来查找cn.域DNS列表 baidu.com. 172800 IN NS dns.baidu.com. baidu.com. 172800 IN NS ns2.baidu.com. baidu.com. 172800 IN NS ns3.baidu.com. baidu.com. 172800 IN NS ns4.baidu.com. baidu.com. 172800 IN NS ns7.baidu.com. ;; Received 200 bytes from 192.55.83.30#53(192.55.83.30) in 422 ms //选择了c.dns.cn这台cn.域DNS服务器来查找roclinux.cn的DNS列表 ww.baidu.com. 7200 IN CNAME ps_other.a.shifen.com. a.shifen.com. 1200 IN NS ns4.a.shifen.com. a.shifen.com. 1200 IN NS ns5.a.shifen.com. a.shifen.com. 1200 IN NS ns1.a.shifen.com. a.shifen.com. 1200 IN NS ns3.a.shifen.com. a.shifen.com. 1200 IN NS ns2.a.shifen.com. ;; Received 232 bytes from 220.181.38.10#53(220.181.38.10) in 40 ms
dig非常著名的一个查询选项就是+trace,当使用这个查询选项后,dig会从根域查询一直跟踪直到查询到最终结果,并将整个过程信息输出出来。
4.精简dig输出
(1)+nocmd,节省输出dig版本信息
(2)+short,输出最简的CHAME和A记录,其他不输出
(3)+nocomment,节省输出dig的详细注释信息
(4)+nostat,最终统计信息不输出