Jade Dungeon

Linux DNS

配置文件`resolv.conf`

现在新版Ubuntu系统也可以修改/etc/resolv.conf，不过重启会失效。原因是默认采用DHCP方式获取网络配置，每次重启时/etc/resolv.conf都会被DHCP服务重新生成。这点在/etc/resolv.conf注释里已经有提示了。

如果是Ubuntu桌面版，设置会很简单，在网络配置IPv4设置里，将DNS服务器设置为想要的即可。

如果是Ubuntu服务器版，方法有两个：

比如在/etc/network/interfaces文件中增加DNS设置（后面添加 dns-nameservers 8.8.8.8即可），或者在/etc/resolvconf/resolv.conf.d中新建tail文件，方法如下：

首先创建一个tail文件：

#vim /etc/resolvconf/resolv.conf.d/tail

然后添加DNS设置：

nameserver 8.8.8.8
nameserver 8.8.4.4

最后输入wq保存退出，重启下resolvconf程序让设置生效：

#/etc/init.d/resolvconf restart

以上方法虽然可以解决重启失效的问题，不过都有一个弊端，就是在/etc/resolv.conf设置的DNS服务器优先级会次于DHCP获得的DNS。

要想解决这个问题，可以修改/etc/dhcp/dhclient.conf文件，取消被注释的这一行：

prepend domain-name-servers 127.0.0.1;

在上面设置的DNS服务器地址会在/etc/resolv.conf中被插入，执行优先级也要优于DHCP获得的DNS。

查看主机名：host

這個指令可以用來查出某個主機名稱的 IP 喔！舉例來說，我們想要知道 tw.yahoo.com 的 IP 時，可以這樣做：

[root@www ~]$ host [-a] hostname [server]

選項與參數：

-a ：列出該主機詳細的各項主機名稱設定資料
[server] ：可以使用非為 /etc/resolv.conf 的 DNS 伺服器 IP 來查詢。

列出主机所拥有的IP

列出 tw.yahoo.com 的 IP

[root@www ~]$ host tw.yahoo.com
tw.yahoo.com is an alias for tw-cidr.fyap.b.yahoo.com.
tw-cidr.fyap.b.yahoo.com is an alias for tw-tpe-fo.fyap.b.yahoo.com.
tw-tpe-fo.fyap.b.yahoo.com has address 119.160.246.241

瞧！IP 是 119.160.246.241 啊！很簡單就可以查詢到 IP 了！那麼這個 IP 是向誰查詢的呢？其實就是寫在 /etc/resolv.conf 那個檔案內的 DNS 伺服器 IP 啦！如果不想要使用該檔案內的主機來查詢，也可以這樣做：

[root@www ~]$ host tw.yahoo.com 168.95.1.1
Using domain server:
Name: 168.95.1.1
Address: 168.95.1.1#53
Aliases:

tw.yahoo.com is an alias for tw-cidr.fyap.b.yahoo.com.
tw-cidr.fyap.b.yahoo.com is an alias for tw-tpe-fo.fyap.b.yahoo.com.
tw-tpe-fo.fyap.b.yahoo.com has address 119.160.246.241

會告訴我們所使用來查詢的主機是哪一部吶！這樣就夠清楚了吧！不過，再怎麼清楚也比不過dig這個指令的，所以這個指令僅是參考參考啦！

查看主机名：nslookup

這玩意兒的用途與 host 基本上是一樣的，就是用來作為 IP 與主機名稱對應的檢查，同樣是使用/etc/resolv.conf這個檔案來作為DNS伺服器的來源選擇。

[root@www ~]$ nslookup [-query=[type]] [hostname|IP]

選項與參數：

-query=type：查詢的類型，除了傳統的 IP 與主機名稱對應外，DNS 還有很多資訊，所以我們可以查詢很多不同的資訊，包括 mx, cname 等等，例如：-query=mx的查詢方法！

按域名查IP

找出 www.google.com 的 IP

[root@www ~]$ nslookup www.google.com
Server:         168.95.1.1
Address:        168.95.1.1#53

Non-authoritative answer:
www.google.com  canonical name = www.l.google.com.
Name:   www.l.google.com
Address: 74.125.71.106
....(底下省略)....

按IP查域名

找出 168.95.1.1 的主機名稱

[root@www ~]$ nslookup 168.95.1.1
Server:         168.95.1.1
Address:        168.95.1.1#53

1.1.95.168.in-addr.arpa name = dns.hinet.net.

如何，看起來與 host 差不多吧！不過，這個 nslookup還可以由IP找出主機名稱喔！例如那個範例二，他的主機名稱是：dns.hinet.net哩！目前大家都建議使用dig這個指令來取代nslookup，我們會在第十九章 DNS 伺服器那時再來好好談一談吧！

查询URL

网络实用程序，用于获得互联网服务器的信息。顾名思义，该实用程序将发现通过查询DNS 域的名称服务器信息。

[avishek@tecmint ~]$ nslookup tecmint.com
 
Server:     192.168.1.1
Address:    192.168.1.1#53
 
Non-authoritative answer:
Name:   tecmint.com
Address: 50.16.67.239

查询邮件交换器记录

[avishek@tecmint ~]$ nslookup -query=mx tecmint.com
 
Server:     192.168.1.1
Address:    192.168.1.1#53
 
Non-authoritative answer:
tecmint.com mail exchanger = 0 smtp.secureserver.net.
tecmint.com mail exchanger = 10 mailstore1.secureserver.net.
 
Authoritative answers can be found from:

查询域名服务器

[avishek@tecmint ~]$ nslookup -type=ns tecmint.com
 
Server:     192.168.1.1
Address:    192.168.1.1#53
 
Non-authoritative answer:
tecmint.com nameserver = ns3404.com.
tecmint.com nameserver = ns3403.com.
 
Authoritative answers can be found from:

查询DNS记录

[avishek@tecmint ~]$ nslookup -type=any tecmint.com
 
Server:     192.168.1.1
Address:    192.168.1.1#53
 
Non-authoritative answer:
tecmint.com mail exchanger = 10 mailstore1.secureserver.net.
tecmint.com mail exchanger = 0 smtp.secureserver.net.
tecmint.com nameserver = ns06.domaincontrol.com.
tecmint.com nameserver = ns3404.com.
tecmint.com nameserver = ns3403.com.
tecmint.com nameserver = ns05.domaincontrol.com.
 
Authoritative answers can be found from:

查询起始授权机构

[avishek@tecmint ~]$ nslookup -type=soa tecmint.com
 
Server:     192.168.1.1
Address:    192.168.1.1#53
 
Non-authoritative answer:
tecmint.com
    origin = ns3403.hostgator.com
    mail addr = dnsadmin.gator1702.hostgator.com
    serial = 2012081102
    refresh = 86400
    retry = 7200
    expire = 3600000
    minimum = 86400
 
Authoritative answers can be found from:

查询端口号

更改使用你想要连接的端口号

[avishek@tecmint ~]$ nslookup -port 56 tecmint.com
 
Server:     tecmint.com
Address:    50.16.76.239#53
 
Name:   56
Address: 14.13.253.12

dig 查询DNS服务

dig是查询DNS 域名服务器的工具，可以查询的主机地址、邮件交流、域名服务器相关的信息。在任何 Linux (Unix) 或 Macintosh OS X 操作系统上，都可以使用该工具。 dig的最典型的用法是单个主机的查询。

[avishek@tecmint ~]$ dig tecmint.com
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

关闭注释行

[avishek@tecmint ~]$ dig tecmint.com +nocomments
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com +nocomments
;; global options: +cmd
;tecmint.com.           IN  A
tecmint.com.        14400   IN  A   40.216.66.239
;; Query time: 418 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat Jun 29 13:53:22 2013
;; MSG SIZE  rcvd: 45

关闭认证块

[avishek@tecmint ~]$ dig tecmint.com +noauthority
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com +noauthority
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

关闭其他块

[avishek@tecmint ~]$ dig  tecmint.com +noadditional
 
; <<>> DiG 9.9.2-P1 <<>> tecmint.com +noadditional
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

关闭统计块

[avishek@tecmint ~]$ dig tecmint.com +nostats
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com +nostats
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

关闭回复块

[avishek@tecmint ~]$ dig tecmint.com +noanswer
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com +noanswer
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

关闭所有块

[avishek@tecmint ~]$ dig tecmint.com +noall
 
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> tecmint.com +noall
;; global options: +cmd

Query Domain 「A」 Record

# dig yahoo.com; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Above command causes dig to look up the 「A」 record for the domain name yahoo.com. Dig command reads the /etc/resolv.conf file and querying the DNS servers listed there. The response from the DNS server is what dig displays.

Let us understand the output of the commands:

Lines beginning with ; are comments not part of the information.

The first line tell us the version of dig (9.8.2) command.

Next, dig shows the header of the response it received from the DNS server

Next comes the question section, which simply tells us the query, which in this case is a query for the 「A」 record of yahoo.com. The IN means this is an Internet lookup (in the Internet class).

The answer section tells us that yahoo.com has the IP address 72.30.38.140

Lastly there are some stats about the query. You can turn off these stats using the +nostats option.

Query Domain 「A」 Record with +short

By default dig is quite verbose. One way to cut down the output is to use the +short option. which will drastically cut the output as shown below.

# dig yahoo.com +short

98.139.183.24
72.30.38.140
98.138.253.109

Note: By default dig looks for the 「A」 record of the domain specified, but you can specify other records also. The MX or Mail eXchange record tells mail servers how to route the email for the domain. Likewise TTL, SOA etc.

Querying MX Record for Domain

Querying different types of DNS resource records only.

# dig yahoo.com MX

; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31450
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 24

;; QUESTION SECTION:
;yahoo.com.                     IN      MX

;; ANSWER SECTION:
yahoo.com.              33      IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              33      IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              33      IN      MX      1 mta5.am0.yahoodns.net.

Querying SOA Record for Domain

# dig yahoo.com SOA

; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2197
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 7

;; QUESTION SECTION:
;yahoo.com.                     IN      SOA

;; ANSWER SECTION:
yahoo.com.              1800    IN      SOA     ns1.yahoo.com. hostmaster.yahoo-inc.com. 2012081409 3600 300 1814400 600

Querying TTL Record for Domain

# dig yahoo.com TTL

; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com TTL
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56156
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.com.                     IN      A

;; ANSWER SECTION:
yahoo.com.              3589    IN      A       98.138.253.109
yahoo.com.              3589    IN      A       98.139.183.24
yahoo.com.              3589    IN      A       72.30.38.140

Querying only answer section

# dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats
;; global options: +cmd
yahoo.com.              3442    IN      A       72.30.38.140
yahoo.com.              3442    IN      A       98.138.253.109
yahoo.com.              3442    IN      A       98.139.183.24

Querying ALL DNS Records Types

# dig yahoo.com ANY +noall +answer

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com ANY +noall +answer
;; global options: +cmd
yahoo.com.              3509    IN      A       72.30.38.140
yahoo.com.              3509    IN      A       98.138.253.109
yahoo.com.              3509    IN      A       98.139.183.24
yahoo.com.              1709    IN      MX      1 mta5.am0.yahoodns.net.
yahoo.com.              1709    IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              1709    IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              43109   IN      NS      ns2.yahoo.com.
yahoo.com.              43109   IN      NS      ns8.yahoo.com.
yahoo.com.              43109   IN      NS      ns3.yahoo.com.
yahoo.com.              43109   IN      NS      ns1.yahoo.com.
yahoo.com.              43109   IN      NS      ns4.yahoo.com.
yahoo.com.              43109   IN      NS      ns5.yahoo.com.
yahoo.com.              43109   IN      NS      ns6.yahoo.com.

DNS Reverse Look-up

Querying DNS Reverse Look-up. Only display answer section with using +short.

# dig -x 72.30.38.140 +short

ir1.fp.vip.sp2.yahoo.com.

Querying Multiple DNS Records

Query multiple website’s DNS specific query viz. MX, NS etc. records.

# dig yahoo.com mx +noall +answer redhat.com ns +noall +answer

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com mx +noall +answer redhat.com ns +noall +answer
;; global options: +cmd
yahoo.com.              1740    IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              1740    IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              1740    IN      MX      1 mta5.am0.yahoodns.net.
redhat.com.             132     IN      NS      ns1.redhat.com.
redhat.com.             132     IN      NS      ns4.redhat.com.
redhat.com.             132     IN      NS      ns3.redhat.com.
redhat.com.             132     IN      NS      ns2.redhat.com.

Create .digrc file

Create .digrc file under $HOME/.digrc to store default dig options.

# dig yahoo.com
yahoo.com.              3427    IN      A       72.30.38.140
yahoo.com.              3427    IN      A       98.138.253.109
yahoo.com.              3427    IN      A       98.139.183.24

We have store +noall +answer options permanently in .digrc file under user’s home directory. Now, whenever dig command execute it will show only answer section of dig output. No Need to type every-time options like +noall +answer.