DNS查询工具使用浅析:host、nslookup、dig

  作者:zhanhailiang 日期:2014-11-01

1. host

DNS查询工具使用浅析:host、nslookup、dig_第1张图片

  1. host提供域名到IP地址的双向解析;
  2. host默认通过/etc/resolv.conf读取Name Server来解析,除非提供可选参数server;
  3. -a参数相当于进行ANY查询;
[root@~]# host pic1.vip.com
pic1.vip.com is an alias for pic1.vip.com.wscdns.com.
pic1.vip.com.wscdns.com is an alias for vipshop.xdwscache.glb0.lxdns.com.
vipshop.xdwscache.glb0.lxdns.com has address 111.206.217.105
vipshop.xdwscache.glb0.lxdns.com has address 125.39.1.138
vipshop.xdwscache.glb0.lxdns.com has address 218.59.186.76
vipshop.xdwscache.glb0.lxdns.com has address 111.206.169.23
[root@~]# host pic1.vip.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases: 
 
pic1.vip.com is an alias for pic1.vip.com.wscdns.com.
pic1.vip.com.wscdns.com is an alias for vipshop.xdwscache.glb0.lxdns.com.
vipshop.xdwscache.glb0.lxdns.com has address 125.39.1.138
vipshop.xdwscache.glb0.lxdns.com has address 111.206.169.23
vipshop.xdwscache.glb0.lxdns.com has address 111.206.217.105
vipshop.xdwscache.glb0.lxdns.com has address 218.59.186.76
[root@~]# host -a pic1.vip.com 8.8.8.8
Trying "pic1.vip.com"
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases: 
 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39471
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
;; QUESTION SECTION:
;pic1.vip.com.			IN	ANY
 
;; ANSWER SECTION:
pic1.vip.com.		3975	IN	CNAME	pic1.vip.com.wscdns.com.
 
Received 64 bytes from 8.8.8.8#53 in 412 ms

2. nslookup

DNS查询工具使用浅析:host、nslookup、dig_第2张图片

  1. nslookup提供交互式和非交互式两种查询方式;
[root@~]# nslookup 
> pic1.vip.com
Server:		10.202.72.116
Address:	10.202.72.116#53
 
Non-authoritative answer:
pic1.vip.com	canonical name = pic1.vip.com.wscdns.com.
pic1.vip.com.wscdns.com	canonical name = vipshop.xdwscache.glb0.lxdns.com.
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 125.39.1.138
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 218.59.186.76
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 111.206.169.23
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 111.206.217.105
> exit
 
[root@~]# nslookup pic1.vip.com
Server:		10.202.72.116
Address:	10.202.72.116#53
 
Non-authoritative answer:
pic1.vip.com	canonical name = pic1.vip.com.wscdns.com.
pic1.vip.com.wscdns.com	canonical name = vipshop.xdwscache.glb0.lxdns.com.
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 111.206.217.105
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 125.39.1.138
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 218.59.186.76
Name:	vipshop.xdwscache.glb0.lxdns.com
Address: 111.206.169.23

3. dig

DNS查询工具使用浅析:host、nslookup、dig_第3张图片

  1. dig是一个询问DNS域名服务的灵活工具,提供了来自被要求的,返回名称服务DNS的查询和显示的答案;大多数DNS管理员使用dig来排除DNS故障和问题;
  2. 其基本使用方法:dig [@server] name [type];

1. 普通用法:dig pic1.vip.com

[root@~]# dig pic1.vip.com
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> pic1.vip.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65138
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 5, ADDITIONAL: 5
 
;; QUESTION SECTION:
;pic1.vip.com.			IN	A
 
;; ANSWER SECTION:
pic1.vip.com.		4518	IN	CNAME	pic1.vip.com.wscdns.com.
pic1.vip.com.wscdns.com. 28	IN	CNAME	vipshop.xdwscache.glb0.lxdns.com.
vipshop.xdwscache.glb0.lxdns.com. 120 IN A	218.59.186.76
vipshop.xdwscache.glb0.lxdns.com. 120 IN A	111.206.169.23
vipshop.xdwscache.glb0.lxdns.com. 120 IN A	111.206.217.105
vipshop.xdwscache.glb0.lxdns.com. 120 IN A	125.39.1.138
 
;; AUTHORITY SECTION:
xdwscache.glb0.lxdns.com. 162890 IN	NS	ns1.glb0.lxdns.com.
xdwscache.glb0.lxdns.com. 162890 IN	NS	ns4.glb0.lxdns.com.
xdwscache.glb0.lxdns.com. 162890 IN	NS	ns3.glb0.lxdns.com.
xdwscache.glb0.lxdns.com. 162890 IN	NS	ns5.glb0.lxdns.com.
xdwscache.glb0.lxdns.com. 162890 IN	NS	ns2.glb0.lxdns.com.
 
;; ADDITIONAL SECTION:
ns1.glb0.lxdns.com.	400	IN	A	218.60.106.128
ns2.glb0.lxdns.com.	400	IN	A	111.206.217.82
ns3.glb0.lxdns.com.	400	IN	A	101.227.66.164
ns4.glb0.lxdns.com.	400	IN	A	111.206.217.82
ns5.glb0.lxdns.com.	400	IN	A	222.132.5.102
 
;; Query time: 21 msec
;; SERVER: 10.202.72.116#53(10.202.72.116)
;; WHEN: Sat Nov  1 00:42:27 2014
;; MSG SIZE  rcvd: 341

2. 进行ANY查询:

[root@~]# dig vip.com ANY
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> vip.com ANY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59219
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2
 
;; QUESTION SECTION:
;vip.com.			IN	ANY
 
;; ANSWER SECTION:
vip.com.		171039	IN	NS	ns7.vipshop.com.
vip.com.		171039	IN	NS	ns8.vipshop.com.
vip.com.		4451	IN	A	183.61.89.84
vip.com.		4451	IN	A	183.61.89.20
vip.com.		4451	IN	TXT	"v=spf1  ip4:122.11.55.162  ip4:180.186.22.7 ip4:122.11.55.163 ip4:210.21.83.149 ip4:210.21.83.150  ip4:183.61.189.204 ip4:121.11.65.219 ip4:61.155.128.141 include:easeye-edm.com a mx ~all"
vip.com.		4451	IN	MX	1 mail.vip.com.
vip.com.		4451	IN	SOA	ns7.vip.com. it.vip.com. 2014103116 1800 600 604800 1200
 
;; AUTHORITY SECTION:
vip.com.		171039	IN	NS	ns8.vipshop.com.
vip.com.		171039	IN	NS	ns7.vipshop.com.
 
;; ADDITIONAL SECTION:
ns7.vipshop.com.	13022	IN	A	14.17.85.62
ns8.vipshop.com.	13022	IN	A	183.61.89.62
 
;; Query time: 0 msec
;; SERVER: 10.202.72.116#53(10.202.72.116)
;; WHEN: Sat Nov  1 00:42:41 2014
;; MSG SIZE  rcvd: 425

3. 使用+trace参数,追踪查询过程:

[root@~]# dig pic1.vip.com +trace
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> pic1.vip.com +trace
;; global options: +cmd
.			483723	IN	NS	e.root-servers.net.
.			483723	IN	NS	g.root-servers.net.
.			483723	IN	NS	m.root-servers.net.
.			483723	IN	NS	a.root-servers.net.
.			483723	IN	NS	b.root-servers.net.
.			483723	IN	NS	c.root-servers.net.
.			483723	IN	NS	i.root-servers.net.
.			483723	IN	NS	f.root-servers.net.
.			483723	IN	NS	j.root-servers.net.
.			483723	IN	NS	k.root-servers.net.
.			483723	IN	NS	l.root-servers.net.
.			483723	IN	NS	h.root-servers.net.
.			483723	IN	NS	d.root-servers.net.
;; Received 496 bytes from 10.202.72.116#53(10.202.72.116) in 1 ms
 
com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
;; Received 490 bytes from 199.7.83.42#53(199.7.83.42) in 27 ms
 
vip.com.		172800	IN	NS	ns7.vipshop.com.
vip.com.		172800	IN	NS	ns8.vipshop.com.
;; Received 106 bytes from 192.43.172.30#53(192.43.172.30) in 291 ms
 
pic1.vip.com.		7200	IN	CNAME	pic1.vip.com.wscdns.com.
;; Received 64 bytes from 183.61.89.62#53(183.61.89.62) in 37 ms

4. 指定name server,使用+trace参数,可以看到第一步是通过指定的@server查询根服务器:

[root@~]# dig @8.8.8.8 pic1.vip.com +trace
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @8.8.8.8 pic1.vip.com +trace
; (1 server found)
;; global options: +cmd
.			18601	IN	NS	a.root-servers.net.
.			18601	IN	NS	b.root-servers.net.
.			18601	IN	NS	c.root-servers.net.
.			18601	IN	NS	d.root-servers.net.
.			18601	IN	NS	e.root-servers.net.
.			18601	IN	NS	f.root-servers.net.
.			18601	IN	NS	g.root-servers.net.
.			18601	IN	NS	h.root-servers.net.
.			18601	IN	NS	i.root-servers.net.
.			18601	IN	NS	j.root-servers.net.
.			18601	IN	NS	k.root-servers.net.
.			18601	IN	NS	l.root-servers.net.
.			18601	IN	NS	m.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 301 ms
 
com.			172800	IN	NS	m.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	a.gtld-servers.net.
;; Received 490 bytes from 198.41.0.4#53(198.41.0.4) in 130 ms
 
vip.com.		172800	IN	NS	ns7.vipshop.com.
vip.com.		172800	IN	NS	ns8.vipshop.com.
;; Received 106 bytes from 192.55.83.30#53(192.55.83.30) in 90 ms
 
pic1.vip.com.		7200	IN	CNAME	pic1.vip.com.wscdns.com.
;; Received 64 bytes from 14.17.85.62#53(14.17.85.62) in 30 ms

由于篇幅有限,想知道更多的关于host, nslookup,dig命令的参数及应用场景,请查询man手册及相关文章。

你可能感兴趣的:(DNS查询工具使用浅析:host、nslookup、dig)