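I previously introduced nslookup, the Linux DNS tool. Today I learned a tool that is more powerful than nslookup and is now very popular: dig, a professional DNS tool.
Running dig directly on the command line shows a lot of detailed DNS information. Compared with an nslookup query, dig is invoked with the following command format: **dig @dnsserver name -t querytype**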
[lhf@lv-centos ~]$ dig baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31419
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 5
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 600 IN A 220.181.57.217
baidu.com. 600 IN A 180.149.132.47
baidu.com. 600 IN A 123.125.114.144
baidu.com. 600 IN A 111.13.101.208
;; AUTHORITY SECTION:
baidu.com. 46078 IN NS ns2.baidu.com.
baidu.com. 46078 IN NS ns3.baidu.com.
baidu.com. 46078 IN NS ns4.baidu.com.
baidu.com. 46078 IN NS ns7.baidu.com.
baidu.com. 46078 IN NS dns.baidu.com.
;; Query time: 3 msec
;; SERVER: 219.238.164.7#53(219.238.164.7)
;; WHEN: 三 2月 15 20:37:01 CST 2017
;; MSG SIZE rcvd: 261
As the output shows, each record still carries the standard DNS information: name, TTL, class, type, and value. To query the NS type:
[lhf@lv-centos ~]$ dig @8.8.8.8 brianlv.com -t NS
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> @8.8.8.8 brianlv.com ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46978
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;brianlv.com. IN NS
;; ANSWER SECTION:
brianlv.com. 86399 IN NS dns10.hichina.com.
brianlv.com. 86399 IN NS dns9.hichina.com.
;; Query time: 699 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: 三 2月 15 20:41:47 CST 2017
;; MSG SIZE rcvd: 87
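How can we query several domains efficiently, for example the A records of baidu.com and yahoo.com? Put the domains to query into a file, then use the -f option to query every name in that file.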
[lhf@lv-centos ~]$ cat list
baidu.com
yahoo.com
[lhf@lv-centos ~]$ dig -f list -t A
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22360
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 5
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 600 IN A 220.181.57.217
baidu.com. 600 IN A 123.125.114.144
baidu.com. 600 IN A 180.149.132.47
baidu.com. 600 IN A 111.13.101.208
;; Query time: 3 msec
;; SERVER: 219.238.164.7#53(219.238.164.7)
;; WHEN: 三 2月 15 20:48:33 CST 2017
;; MSG SIZE rcvd: 261
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> yahoo.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52250
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 5, ADDITIONAL: 8
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 600 IN A 206.190.36.45
yahoo.com. 600 IN A 98.138.253.109
yahoo.com. 600 IN A 98.139.183.24
;; Query time: 3 msec
;; SERVER: 219.238.164.7#53(219.238.164.7)
;; WHEN: 三 2月 15 20:48:33 CST 2017
;; MSG SIZE rcvd: 329
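If we know a domain's A record, how do we look up the reverse mapping from the address back to a name? The -x option performs the reverse lookup.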
[lhf@lv-centos ~]$ dig -x 180.149.132.47
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> -x 180.149.132.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48479
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;47.132.149.180.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
132.149.180.in-addr.arpa. 2646 IN SOA idc-ns1.bjtelecom.net. wang_ye.bjxywh.com. 1348929128 10800 3600 604800 38400
;; Query time: 3 msec
;; SERVER: 219.238.164.7#53(219.238.164.7)
;; WHEN: 三 2月 15 20:56:08 CST 2017
;; MSG SIZE rcvd: 131
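An added example, not part of the original post: Python that parses saved dig output into the record fields described above (name, TTL, class, type, value) and checks the result of a `-x` lookup. The function names and the abridged sample text are constructed here for illustration.

```python
import ipaddress
import re

# Constructed sample: abridged from the `dig -x 180.149.132.47` output shown above.
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48479
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;47.132.149.180.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
132.149.180.in-addr.arpa. 2646 IN SOA idc-ns1.bjtelecom.net. wang_ye.bjxywh.com. 1348929128 10800 3600 604800 38400
"""

def reverse_name(ip):
    """Return the PTR query name that `dig -x` builds for an address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def parse_dig(text):
    """Parse saved dig output into status, flags, question and per-section records."""
    result = {"status": None, "flags": [], "question": None, "sections": {}}
    section = None
    for line in text.splitlines():
        line = line.strip()
        m = re.search(r"status: (\w+)", line)
        if line.startswith(";; ->>HEADER<<-") and m:
            result["status"] = m.group(1)
        elif line.startswith(";; flags:"):
            result["flags"] = line[len(";; flags:"):].split(";")[0].split()
        elif line.startswith(";;") and line.endswith("SECTION:"):
            section = line[2:-len("SECTION:")].strip()
        elif line.startswith(";;"):
            section = None  # Query time, SERVER, WHEN ... end the current section
        elif section == "QUESTION" and line.startswith(";"):
            result["question"] = line[1:].split()[0]
        elif section and line and not line.startswith(";"):
            # name, TTL, class, type, then the value (which may contain spaces)
            name, ttl, rclass, rtype, value = line.split(None, 4)
            result["sections"].setdefault(section, []).append(
                {"name": name, "ttl": int(ttl), "class": rclass, "type": rtype, "value": value})
    return result

def ptr_lookup_result(ip, dig_text):
    """Return PTR targets for ip, or [] when the saved response has none (e.g. NXDOMAIN)."""
    parsed = parse_dig(dig_text)
    if parsed["question"] != reverse_name(ip):
        raise ValueError("dig output does not answer the PTR question for " + ip)
    if parsed["status"] != "NOERROR":
        return []
    return [r["value"] for r in parsed["sections"].get("ANSWER", []) if r["type"] == "PTR"]
```

For the output above, `ptr_lookup_result("180.149.132.47", SAMPLE)` returns an empty list: the status is NXDOMAIN and the only record is the zone's SOA in the AUTHORITY section.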
dig can trace the DNS resolution process with the +trace option.